Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2026/03/GHSA-33r5-g5m3-5m79/GHSA-33r5-g5m3-5m79.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-33r5-g5m3-5m79",
-  "modified": "2026-03-30T21:31:04Z",
+  "modified": "2026-03-31T21:31:18Z",
   "published": "2026-03-30T21:31:04Z",
   "aliases": [
     "CVE-2026-3502"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3502"
     },
+    {
+      "type": "WEB",
+      "url": "https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets"
+    },
     {
       "type": "WEB",
       "url": "https://trueconf.com/blog/update/trueconf-8-5"

advisories/unreviewed/2026/03/GHSA-39fw-r4pr-87rj/GHSA-39fw-r4pr-87rj.json

@@ -46,7 +46,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-119"
+      "CWE-119",
+      "CWE-787"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2026/03/GHSA-3vp9-wjw8-vgmx/GHSA-3vp9-wjw8-vgmx.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3vp9-wjw8-vgmx",
-  "modified": "2026-03-27T06:31:43Z",
+  "modified": "2026-03-31T21:31:15Z",
   "published": "2026-03-27T06:31:43Z",
   "aliases": [
     "CVE-2026-33280"

advisories/unreviewed/2026/03/GHSA-42h9-h8r4-fwqg/GHSA-42h9-h8r4-fwqg.json

@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-42h9-h8r4-fwqg",
+  "modified": "2026-03-31T21:31:20Z",
+  "published": "2026-03-31T21:31:20Z",
+  "aliases": [
+    "CVE-2026-5212"
+  ],
+  "details": "A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function Webdav_Upload_File of the file /cgi-bin/webdav_mgr.cgi. The manipulation of the argument f_file leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5212"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_166/166.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/submit/780435"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/submit/780436"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/vuln/354348"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/vuln/354348/cti"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.dlink.com"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-119"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-31T21:16:33Z"
+  }
+}

advisories/unreviewed/2026/03/GHSA-4368-7mjc-5763/GHSA-4368-7mjc-5763.json

@@ -26,7 +26,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-400"
+      "CWE-400",
+      "CWE-787"
     ],
     "severity": "MODERATE",
     "github_reviewed": false,

advisories/unreviewed/2026/03/GHSA-46q8-mxmv-wf7q/GHSA-46q8-mxmv-wf7q.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-46q8-mxmv-wf7q",
-  "modified": "2026-03-23T18:30:32Z",
+  "modified": "2026-03-31T21:31:14Z",
   "published": "2026-03-23T18:30:32Z",
   "aliases": [
     "CVE-2025-15605"
   ],
   "details": "A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
@@ -42,7 +46,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-321"
+      "CWE-321",
+      "CWE-798"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2026/03/GHSA-54mj-887p-jvcm/GHSA-54mj-887p-jvcm.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-54mj-887p-jvcm",
+  "modified": "2026-03-31T21:31:18Z",
+  "published": "2026-03-31T21:31:18Z",
+  "aliases": [
+    "CVE-2026-5210"
+  ],
+  "details": "A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an unknown part. Performing a manipulation of the argument page results in file inclusion. Remote exploitation of the attack is possible. The exploit is now public and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5210"
+    },
+    {
+      "type": "WEB",
+      "url": "https://medium.com/@hemantrajbhati5555/local-file-inclusion-lfi-in-leave-application-system-php-sqlite3-4e095bb7ee40"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/submit/780419"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/vuln/354346"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/vuln/354346/cti"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.sourcecodester.com"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-73"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-31T19:16:29Z"
+  }
+}

advisories/unreviewed/2026/03/GHSA-553r-96gg-xwgx/GHSA-553r-96gg-xwgx.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-553r-96gg-xwgx",
-  "modified": "2026-03-23T18:30:32Z",
+  "modified": "2026-03-31T21:31:14Z",
   "published": "2026-03-23T18:30:32Z",
   "aliases": [
     "CVE-2025-15519"
   ],
   "details": "Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the operating system, impacting the confidentiality, integrity, and availability of the device.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/03/GHSA-56vh-x74x-6hg7/GHSA-56vh-x74x-6hg7.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-56vh-x74x-6hg7",
+  "modified": "2026-03-31T21:31:20Z",
+  "published": "2026-03-31T21:31:20Z",
+  "aliases": [
+    "CVE-2026-3468"
+  ],
+  "details": "A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3468"
+    },
+    {
+      "type": "WEB",
+      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-31T21:16:32Z"
+  }
+}

advisories/unreviewed/2026/03/GHSA-6mq5-gjcx-rvxq/GHSA-6mq5-gjcx-rvxq.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6mq5-gjcx-rvxq",
-  "modified": "2026-03-23T18:30:32Z",
+  "modified": "2026-03-31T21:31:13Z",
   "published": "2026-03-23T18:30:32Z",
   "aliases": [
     "CVE-2025-15518"
   ],
   "details": "Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the operating system, impacting the confidentiality, integrity, and availability of the device.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"