{"resultsPerPage":16,"startIndex":0,"totalResults":16,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-19T13:12:25.365","vulnerabilities":[{"cve":{"id":"CVE-2026-2377","sourceIdentifier":"secalert@redhat.com","published":"2026-04-08T17:21:16.237","lastModified":"2026-07-18T23:17:01.350","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Red Hat Quay and mirror registry for Red Hat OpenShift. The log export feature in these products allows an authenticated user to specify an arbitrary callback URL. A backend process then makes server-side HTTP requests to this provided URL. This vulnerability, known as Server-Side Request Forgery (SSRF), could allow an attacker to send requests from the application's internal network, potentially leading to the disclosure of sensitive information."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Quay 3.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.10::el8"],"versions":[{"version":"1779822261","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.12::el8"],"versions":[{"version":"1779811412","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.14::el8"],"versions":[{"version":"1779689392","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.15::el8"],"versions":[{"version":"1780891395","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.16::el9"],"versions":[{"version":"1779204086","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.9::el8"],"versions":[{"version":"1779811473","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:2"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Quay 3.10","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.10::el8"],"versions":[{"version":"1779822261","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.12::el8"],"versions":[{"version":"1779811412","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.14::el8"],"versions":[{"version":"1779689392","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.15::el8"],"versions":[{"version":"1780891395","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.16::el9"],"versions":[{"version":"1779204086","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.9::el8"],"versions":[{"version":"1779811473","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-08T18:42:52.638708Z","id":"CVE-2026-2377","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:-:*:*:*:*:*:*:*","matchCriteriaId":"63757310-FC5B-44E6-9211-36269827BC56"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:2.0:*:*:*:*:*:*:*","matchCriteriaId":"281E6AA4-1E08-488F-BA7A-F0BE7CF42A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1987BDA-0113-4603-B9BE-76647EB043F2"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:19375","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:21017","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:22629","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:22840","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:23361","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:24853","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-2377","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439201","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:19375","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21017","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22629","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22840","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23361","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24853","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-2377","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439201","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2377.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-32589","sourceIdentifier":"secalert@redhat.com","published":"2026-04-08T18:25:59.790","lastModified":"2026-07-18T23:17:01.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2.0","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:2.0::el8"],"versions":[{"version":"1782177012","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.10::el8"],"versions":[{"version":"1779822261","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.12::el8"],"versions":[{"version":"1779811412","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.14::el8"],"versions":[{"version":"1779689392","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.15::el8"],"versions":[{"version":"1780891395","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.16::el9"],"versions":[{"version":"1779204086","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.17::el9"],"versions":[{"version":"1779922205","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.9::el8"],"versions":[{"version":"1779811473","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:1"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2.0","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:2.0::el8"],"versions":[{"version":"1782177012","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.10","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.10::el8"],"versions":[{"version":"1779822261","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.12::el8"],"versions":[{"version":"1779811412","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.14::el8"],"versions":[{"version":"1779689392","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.15::el8"],"versions":[{"version":"1780891395","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.16::el9"],"versions":[{"version":"1779204086","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.17::el9"],"versions":[{"version":"1779922205","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.9::el8"],"versions":[{"version":"1779811473","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-08T18:01:21.450628Z","id":"CVE-2026-32589","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:-:*:*:*:*:*:*:*","matchCriteriaId":"63757310-FC5B-44E6-9211-36269827BC56"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:2.0:*:*:*:*:*:*:*","matchCriteriaId":"281E6AA4-1E08-488F-BA7A-F0BE7CF42A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1987BDA-0113-4603-B9BE-76647EB043F2"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:19375","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:21017","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:22465","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:22629","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:22840","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:23361","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:24853","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28441","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32589","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446963","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:19375","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21017","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22465","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22629","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22840","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23361","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24853","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28441","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32589","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446963","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32589.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-32591","sourceIdentifier":"secalert@redhat.com","published":"2026-04-08T18:26:00.107","lastModified":"2026-07-18T23:17:01.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attacker with organization administrator privileges could supply a crafted hostname to force the Quay server to make requests to internal network services, cloud infrastructure endpoints, or other resources that should not be accessible from the Quay application."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Quay 3.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.10::el8"],"versions":[{"version":"1783750447","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.16::el9"],"versions":[{"version":"1783955846","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.17::el9"],"versions":[{"version":"1780604033","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.9::el8"],"versions":[{"version":"1784125838","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:2"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Quay 3.10","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.10::el8"],"versions":[{"version":"1783750447","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.16::el9"],"versions":[{"version":"1783955846","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel9","cpes":["cpe:/a:redhat:quay:3.17::el9"],"versions":[{"version":"1780604033","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Quay 3.9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"quay/quay-rhel8","cpes":["cpe:/a:redhat:quay:3.9::el8"],"versions":[{"version":"1784125838","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift/mirror-registry-rhel8","cpes":["cpe:/a:redhat:mirror_registry:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N","baseScore":5.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N","baseScore":5.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-10T20:34:13.210994Z","id":"CVE-2026-32591","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:-:*:*:*:*:*:*:*","matchCriteriaId":"63757310-FC5B-44E6-9211-36269827BC56"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:mirror_registry_for_red_hat_openshift:2.0:*:*:*:*:*:*:*","matchCriteriaId":"281E6AA4-1E08-488F-BA7A-F0BE7CF42A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1987BDA-0113-4603-B9BE-76647EB043F2"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:24833","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:40262","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:41031","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:41066","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32591","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446965","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:24833","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:40262","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:41031","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:41066","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32591","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446965","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32591.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-10840","sourceIdentifier":"secalert@redhat.com","published":"2026-06-04T12:16:24.813","lastModified":"2026-07-18T23:17:00.543","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the cluster, any authenticated user can disrupt workload scheduling, tamper with scheduling priorities, delete other tenants' Workload objects, or induce cert-manager to overwrite TLS Secrets including the default ingress controller certificate."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-builds/openshift-builds-rhel9-operator","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"],"versions":[{"version":"1783341609","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.8.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-builds/openshift-builds-rhel9-operator","cpes":["cpe:/a:redhat:openshift_builds:1.8::el9"],"versions":[{"version":"1784121108","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-proxy-rhel8","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-proxy-rhel9","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-webhook-rhel8","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-webhook-rhel9","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-rhel8-operator","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-rhel9-operator","cpes":["cpe:/a:redhat:openshift_pipelines:1"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-builds/openshift-builds-rhel9-operator","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"],"versions":[{"version":"1783341609","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.8.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-builds/openshift-builds-rhel9-operator","cpes":["cpe:/a:redhat:openshift_builds:1.8::el9"],"versions":[{"version":"1784121108","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-proxy-rhel8","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-proxy-rhel9","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-webhook-rhel8","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-webhook-rhel9","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-rhel8-operator","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-rhel9-operator","cpes":["cpe:/a:redhat:openshift_pipelines:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-04T13:11:57.092142Z","id":"CVE-2026-10840","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36648","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:41036","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-10840","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484720","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36648","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:41036","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-10840","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484720","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-10840.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-58056","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-28T02:16:32.860","lastModified":"2026-07-18T21:17:03.830","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a valid FileTransfer authorization can inject keyboard and mouse input and reach the unguarded screenshot and display-capture handlers, acting outside its granted scope."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"RustDesk","product":"RustDesk","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.4.8","versionType":"semver","status":"affected"},{"version":"1.4.9","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:29:19.790048Z","id":"CVE-2026-58056","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/bikini/exploitarium/tree/main/rustdesk-session-permission-pocs","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/rustdesk-filetransfer-session-authorization-scope-bypass","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-12228","sourceIdentifier":"security@huntr.dev","published":"2026-07-18T21:17:03.040","lastModified":"2026-07-18T21:17:03.040","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability exists in the `POST /api/prompts/share` endpoint of parisneo/lollms (latest version). The endpoint stores attacker-controlled `prompt_content` into `DBDirectMessage.content` without server-side sanitization. When a victim opens the direct message (DM) thread, the message is rendered by the DM UI through `MessageContentRenderer`, which uses `v-html` to insert rendered HTML into the DOM. The frontend sanitizer, which is regex-based, fails to comprehensively sanitize attacker-controlled HTML, allowing malicious payloads to execute in the victim's browser context. This vulnerability enables any authenticated user to send a malicious prompt-share message to another user's inbox, leading to arbitrary JavaScript execution, authenticated actions as the victim, exposure of same-origin application data, and potential account takeover."}],"affected":[{"source":"security@huntr.dev","affectedData":[{"vendor":"parisneo","product":"parisneo/lollms","versions":[{"version":"unspecified","lessThanOrEqual":"latest","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}]},"weaknesses":[{"source":"security@huntr.dev","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://huntr.com/bounties/25623635-5ceb-4062-8289-02089e6d97c1","source":"security@huntr.dev"}]}},{"cve":{"id":"CVE-2026-16152","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T21:17:03.180","lastModified":"2026-07-18T21:17:03.180","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /edit_rooma.php. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/justconter/cve/issues/6","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16152","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857078","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379918","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379918/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16154","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T21:17:03.343","lastModified":"2026-07-18T21:17:03.343","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /edit_room1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"},{"version":"1.php","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/justconter/cve/issues/5","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16154","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857079","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379919","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379919/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16155","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T21:17:03.507","lastModified":"2026-07-18T21:17:03.507","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /schoolyr.php. The manipulation of the argument sy leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/justconter/cve/issues/4","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16155","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857080","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379920","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379920/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-57857","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-18T21:17:03.687","lastModified":"2026-07-18T21:17:03.687","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"The Flow Payment plugin for WordPress (flow.cl) version 3.0.8 is vulnerable to reflected cross-site scripting on the WooCommerce checkout page. When the plugin handles an order cancellation, the error_message GET parameter is passed directly to wc_add_notice() in flowpayment-fl.php (lines 57-58) without input sanitization (for example sanitize_text_field()) or output escaping (for example esc_html()) before being rendered in the checkout notice HTML. An unauthenticated attacker can craft a URL containing a JavaScript payload in the error_message parameter (for example /checkout/?add-to-cart={product-id}&cancel_order=true&error_message={payload}); when a victim with an active WooCommerce checkout session follows the link, the payload executes in the victim's browser in the origin of the WordPress site."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Flow","product":"Flow Payment","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"3.0.8","versionType":"semver","status":"affected"},{"version":"3.0.9","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://www.flow.cl/","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/flow-payment-plugin-for-wordpress-reflected-cross-site-scripting-via-error-message-parameter","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-16156","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T22:16:43.667","lastModified":"2026-07-18T22:16:43.667","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown part of the file /forexam.php. The manipulation of the argument day results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/justconter/cve/issues/3","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16156","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857081","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379921","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/379921/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16194","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T22:16:43.830","lastModified":"2026-07-18T22:16:43.830","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in zhayujie CowAgent up to 2.1.1. This affects the function WebFetch.execute of the file agent/tools/web_fetch/web_fetch.py. Executing a manipulation of the argument url can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.1.2 is able to mitigate this issue. This patch is called ea47f3097eed4f8295c4cb3d76ecb97e0f43d632. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"zhayujie","product":"CowAgent","cpes":["cpe:2.3:a:zhayujie:cowagent:*:*:*:*:*:*:*:*"],"versions":[{"version":"2.1.0","status":"affected"},{"version":"2.1.1","status":"affected"},{"version":"2.1.2","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/zhayujie/CowAgent/","source":"cna@vuldb.com"},{"url":"https://github.com/zhayujie/CowAgent/commit/ea47f3097eed4f8295c4cb3d76ecb97e0f43d632","source":"cna@vuldb.com"},{"url":"https://github.com/zhayujie/CowAgent/issues/2889","source":"cna@vuldb.com"},{"url":"https://github.com/zhayujie/CowAgent/pull/2900","source":"cna@vuldb.com"},{"url":"https://github.com/zhayujie/CowAgent/releases/tag/2.1.2","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16194","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/857620","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380009","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380009/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-10130","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-18T23:17:00.397","lastModified":"2026-07-18T23:17:00.397","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"QueryWeaver contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain valid session tokens for existing accounts by submitting a signup request with a known victim email address. The signup route unconditionally creates and links a new token to the matching Identity via a Cypher MERGE operation before checking whether the email belongs to an existing account, causing the server to return a valid authenticated session token for the victim's identity without requiring any prior credentials or user interaction."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"FalkorDB","product":"QueryWeaver","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"0.2.0","versionType":"git","status":"affected"},{"version":"0.3.1","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/FalkorDB/QueryWeaver","source":"disclosure@vulncheck.com"},{"url":"https://github.com/FalkorDB/QueryWeaver/commit/e6a49f508191d0f1bdad0f146da43819e7849f18","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/queryweaver-authentication-bypass-via-email-signup-token-issuance-for-existing-accounts","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-16195","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T23:17:00.847","lastModified":"2026-07-18T23:17:00.847","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. This issue affects the function dispatchIncoming of the file pkg/channels/wecom/wecom.go of the component Group Message Handler. The manipulation results in incorrect authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed automatically due to inactivity."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Sipeed","product":"PicoClaw","cpes":["cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:*"],"modules":["Group Message Handler"],"versions":[{"version":"0.2.0","status":"affected"},{"version":"0.2.1","status":"affected"},{"version":"0.2.2","status":"affected"},{"version":"0.2.3","status":"affected"},{"version":"0.2.4","status":"affected"},{"version":"0.2.5","status":"affected"},{"version":"0.2.6","status":"affected"},{"version":"0.2.7","status":"affected"},{"version":"0.2.8","status":"affected"},{"version":"0.2.9","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/sipeed/picoclaw/","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/issues/3076","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16195","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/852962","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380011","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380011/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16196","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T23:17:01.010","lastModified":"2026-07-18T23:17:01.010","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in Sipeed PicoClaw up to 0.2.9. Impacted is the function isPrivateOrRestrictedIP of the file pkg/tools/integration/web.go of the component web_fetch. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. Patch name: 2efbe5d560e7ed9bc5209c203dc4aa6ecdbc7405. To fix this issue, it is recommended to deploy a patch."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Sipeed","product":"PicoClaw","cpes":["cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:*"],"modules":["web_fetch"],"versions":[{"version":"0.2.0","status":"affected"},{"version":"0.2.1","status":"affected"},{"version":"0.2.2","status":"affected"},{"version":"0.2.3","status":"affected"},{"version":"0.2.4","status":"affected"},{"version":"0.2.5","status":"affected"},{"version":"0.2.6","status":"affected"},{"version":"0.2.7","status":"affected"},{"version":"0.2.8","status":"affected"},{"version":"0.2.9","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/sipeed/picoclaw/","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/commit/2efbe5d560e7ed9bc5209c203dc4aa6ecdbc7405","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/issues/3077","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/pull/3085","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16196","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/852963","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380012","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380012/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-16197","sourceIdentifier":"cna@vuldb.com","published":"2026-07-18T23:17:01.187","lastModified":"2026-07-18T23:17:01.187","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. The affected element is the function handleMessageReceive of the file pkg/channels/feishu/feishu_64.go of the component Group Message Handler. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The reported GitHub issue was closed automatically due to inactivity."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Sipeed","product":"PicoClaw","cpes":["cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:*"],"modules":["Group Message Handler"],"versions":[{"version":"0.2.0","status":"affected"},{"version":"0.2.1","status":"affected"},{"version":"0.2.2","status":"affected"},{"version":"0.2.3","status":"affected"},{"version":"0.2.4","status":"affected"},{"version":"0.2.5","status":"affected"},{"version":"0.2.6","status":"affected"},{"version":"0.2.7","status":"affected"},{"version":"0.2.8","status":"affected"},{"version":"0.2.9","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-862"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/sipeed/picoclaw/","source":"cna@vuldb.com"},{"url":"https://github.com/sipeed/picoclaw/issues/3082","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-16197","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/852964","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380013","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/380013/cti","source":"cna@vuldb.com"}]}}]}