Skip to content

Commit 5610a35

Browse files
Advisory Database Sync
1 parent c949670 commit 5610a35

44 files changed

Lines changed: 1184 additions & 54 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

advisories/unreviewed/2026/03/GHSA-c75f-55f6-f63q/GHSA-c75f-55f6-f63q.json

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-c75f-55f6-f63q",
4-
"modified": "2026-05-28T03:31:15Z",
4+
"modified": "2026-06-04T18:30:24Z",
55
"published": "2026-03-19T15:31:21Z",
66
"aliases": [
77
"CVE-2026-4424"
@@ -23,6 +23,10 @@
2323
"type": "WEB",
2424
"url": "https://github.com/libarchive/libarchive/pull/2898"
2525
},
26+
{
27+
"type": "WEB",
28+
"url": "https://access.redhat.com/errata/RHSA-2026:10065"
29+
},
2630
{
2731
"type": "WEB",
2832
"url": "https://access.redhat.com/errata/RHSA-2026:8510"
@@ -87,10 +91,6 @@
8791
"type": "WEB",
8892
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449006"
8993
},
90-
{
91-
"type": "WEB",
92-
"url": "https://access.redhat.com/errata/RHSA-2026:10065"
93-
},
9494
{
9595
"type": "WEB",
9696
"url": "https://access.redhat.com/errata/RHSA-2026:10097"
@@ -155,6 +155,10 @@
155155
"type": "WEB",
156156
"url": "https://access.redhat.com/errata/RHSA-2026:20040"
157157
},
158+
{
159+
"type": "WEB",
160+
"url": "https://access.redhat.com/errata/RHSA-2026:21690"
161+
},
158162
{
159163
"type": "WEB",
160164
"url": "https://access.redhat.com/errata/RHSA-2026:8492"

advisories/unreviewed/2026/04/GHSA-2c4x-699h-vw5x/GHSA-2c4x-699h-vw5x.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2c4x-699h-vw5x",
4-
"modified": "2026-06-03T15:30:37Z",
4+
"modified": "2026-06-04T18:30:24Z",
55
"published": "2026-04-08T18:34:07Z",
66
"aliases": [
77
"CVE-2026-2377"
@@ -35,6 +35,10 @@
3535
"type": "WEB",
3636
"url": "https://access.redhat.com/errata/RHSA-2026:22840"
3737
},
38+
{
39+
"type": "WEB",
40+
"url": "https://access.redhat.com/errata/RHSA-2026:23361"
41+
},
3842
{
3943
"type": "WEB",
4044
"url": "https://access.redhat.com/security/cve/CVE-2026-2377"

advisories/unreviewed/2026/04/GHSA-5mqr-3465-c7p6/GHSA-5mqr-3465-c7p6.json

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-5mqr-3465-c7p6",
4-
"modified": "2026-06-04T12:30:25Z",
4+
"modified": "2026-06-04T18:30:26Z",
55
"published": "2026-04-23T18:33:03Z",
66
"aliases": [
77
"CVE-2026-34003"
@@ -19,10 +19,6 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34003"
2121
},
22-
{
23-
"type": "WEB",
24-
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
25-
},
2622
{
2723
"type": "WEB",
2824
"url": "https://access.redhat.com/errata/RHSA-2026:20563"
@@ -79,6 +75,10 @@
7975
"type": "WEB",
8076
"url": "https://access.redhat.com/errata/RHSA-2026:23254"
8177
},
78+
{
79+
"type": "WEB",
80+
"url": "https://access.redhat.com/errata/RHSA-2026:23255"
81+
},
8282
{
8383
"type": "WEB",
8484
"url": "https://access.redhat.com/security/cve/CVE-2026-34003"
@@ -87,6 +87,10 @@
8787
"type": "WEB",
8888
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451113"
8989
},
90+
{
91+
"type": "WEB",
92+
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
93+
},
9094
{
9195
"type": "WEB",
9296
"url": "https://access.redhat.com/errata/RHSA-2026:11352"

advisories/unreviewed/2026/04/GHSA-7fjh-cgxv-cjc6/GHSA-7fjh-cgxv-cjc6.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-7fjh-cgxv-cjc6",
4-
"modified": "2026-06-03T15:30:37Z",
4+
"modified": "2026-06-04T18:30:24Z",
55
"published": "2026-04-08T18:34:08Z",
66
"aliases": [
77
"CVE-2026-32589"
@@ -39,6 +39,10 @@
3939
"type": "WEB",
4040
"url": "https://access.redhat.com/errata/RHSA-2026:22840"
4141
},
42+
{
43+
"type": "WEB",
44+
"url": "https://access.redhat.com/errata/RHSA-2026:23361"
45+
},
4246
{
4347
"type": "WEB",
4448
"url": "https://access.redhat.com/security/cve/CVE-2026-32589"

advisories/unreviewed/2026/04/GHSA-cjgm-66pw-5r9r/GHSA-cjgm-66pw-5r9r.json

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-cjgm-66pw-5r9r",
4-
"modified": "2026-06-04T12:30:25Z",
4+
"modified": "2026-06-04T18:30:26Z",
55
"published": "2026-04-23T18:33:03Z",
66
"aliases": [
77
"CVE-2026-34001"
@@ -19,10 +19,6 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34001"
2121
},
22-
{
23-
"type": "WEB",
24-
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
25-
},
2622
{
2723
"type": "WEB",
2824
"url": "https://access.redhat.com/errata/RHSA-2026:20563"
@@ -79,6 +75,10 @@
7975
"type": "WEB",
8076
"url": "https://access.redhat.com/errata/RHSA-2026:23254"
8177
},
78+
{
79+
"type": "WEB",
80+
"url": "https://access.redhat.com/errata/RHSA-2026:23255"
81+
},
8282
{
8383
"type": "WEB",
8484
"url": "https://access.redhat.com/security/cve/CVE-2026-34001"
@@ -87,6 +87,10 @@
8787
"type": "WEB",
8888
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451109"
8989
},
90+
{
91+
"type": "WEB",
92+
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
93+
},
9094
{
9195
"type": "WEB",
9296
"url": "https://access.redhat.com/errata/RHSA-2026:11352"

advisories/unreviewed/2026/04/GHSA-g562-3mh5-27v6/GHSA-g562-3mh5-27v6.json

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-g562-3mh5-27v6",
4-
"modified": "2026-06-04T12:30:25Z",
4+
"modified": "2026-06-04T18:30:25Z",
55
"published": "2026-04-23T18:33:03Z",
66
"aliases": [
77
"CVE-2026-33999"
@@ -19,10 +19,6 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33999"
2121
},
22-
{
23-
"type": "WEB",
24-
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
25-
},
2622
{
2723
"type": "WEB",
2824
"url": "https://access.redhat.com/errata/RHSA-2026:20563"
@@ -79,6 +75,10 @@
7975
"type": "WEB",
8076
"url": "https://access.redhat.com/errata/RHSA-2026:23254"
8177
},
78+
{
79+
"type": "WEB",
80+
"url": "https://access.redhat.com/errata/RHSA-2026:23255"
81+
},
8282
{
8383
"type": "WEB",
8484
"url": "https://access.redhat.com/security/cve/CVE-2026-33999"
@@ -87,6 +87,10 @@
8787
"type": "WEB",
8888
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451106"
8989
},
90+
{
91+
"type": "WEB",
92+
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
93+
},
9094
{
9195
"type": "WEB",
9296
"url": "https://access.redhat.com/errata/RHSA-2026:11352"

advisories/unreviewed/2026/04/GHSA-g5fc-f834-rcr2/GHSA-g5fc-f834-rcr2.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-g5fc-f834-rcr2",
4-
"modified": "2026-06-02T15:31:54Z",
4+
"modified": "2026-06-04T18:30:23Z",
55
"published": "2026-04-03T03:31:02Z",
66
"aliases": [
77
"CVE-2026-35535"
@@ -35,6 +35,10 @@
3535
"type": "WEB",
3636
"url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
3737
},
38+
{
39+
"type": "WEB",
40+
"url": "https://lists.debian.org/debian-lts-announce/2026/06/msg00003.html"
41+
},
3842
{
3943
"type": "WEB",
4044
"url": "https://www.qualys.com/2026/03/10/crack-armor.txt"

advisories/unreviewed/2026/04/GHSA-mvqc-wfv6-7764/GHSA-mvqc-wfv6-7764.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-mvqc-wfv6-7764",
4-
"modified": "2026-06-03T15:30:37Z",
4+
"modified": "2026-06-04T18:30:25Z",
55
"published": "2026-04-08T18:34:08Z",
66
"aliases": [
77
"CVE-2026-32590"
@@ -39,6 +39,10 @@
3939
"type": "WEB",
4040
"url": "https://access.redhat.com/errata/RHSA-2026:22840"
4141
},
42+
{
43+
"type": "WEB",
44+
"url": "https://access.redhat.com/errata/RHSA-2026:23361"
45+
},
4246
{
4347
"type": "WEB",
4448
"url": "https://access.redhat.com/security/cve/CVE-2026-32590"

advisories/unreviewed/2026/05/GHSA-58wp-jwch-fgj5/GHSA-58wp-jwch-fgj5.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-58wp-jwch-fgj5",
4-
"modified": "2026-05-28T12:30:34Z",
4+
"modified": "2026-06-04T18:30:25Z",
55
"published": "2026-05-28T12:30:34Z",
66
"aliases": [
77
"CVE-2026-9813"
88
],
99
"details": "FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specified destination. Due to insufficient validation of the URL scheme and resolved destination address, affected versions may allow requests to loopback, link-local, private, reserved, or other restricted network resources, potentially enabling interaction with internal services or cloud metadata endpoints from the server's network context.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:X/R:X/V:X/RE:L/U:Green"
Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2q9g-666g-vcp9",
4+
"modified": "2026-06-04T18:30:33Z",
5+
"published": "2026-06-04T18:30:33Z",
6+
"aliases": [
7+
"CVE-2026-25550"
8+
],
9+
"details": "Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The service registers an unauthenticated singleton endpoint — BarTenderSystem for BarTender 2016 <= R9, and DataServiceSingleton for BarTender 2019 <= R10 — configured with BinaryServerFormatterSinkProvider and TypeFilterLevel set to Full. An unauthenticated remote attacker can exploit .NET Remoting object unmarshalling to read or write arbitrary files on the server using the .NET WebClient class, or coerce NTLMv2 authentication by supplying a UNC path to an attacker-controlled server, enabling sensitive credential disclosure, remote code execution, or lateral movement depending on service account privileges and network environment. The service runs in the context of NT AUTHORITY\\SYSTEM.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25550"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://portal.seagullscientific.com/downloads/bartender"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://www.vulncheck.com/advisories/seagull-software-bartender-unauthenticated-rce-via-net-remoting-service"
33+
}
34+
],
35+
"database_specific": {
36+
"cwe_ids": [
37+
"CWE-306"
38+
],
39+
"severity": "CRITICAL",
40+
"github_reviewed": false,
41+
"github_reviewed_at": null,
42+
"nvd_published_at": "2026-06-04T18:16:28Z"
43+
}
44+
}

0 commit comments

Comments
 (0)