Publish Advisories

GHSA-g7mr-vm94-3rv7
GHSA-29qh-jw3j-7gwj
GHSA-3cjc-vhfm-ffp2
GHSA-4p2f-67g5-7xhf
GHSA-5rfv-h47g-xj42
GHSA-c92r-g8j5-vhcx
GHSA-f43w-3fr5-h2m3
GHSA-hh72-xj72-2c38
GHSA-p6w4-7rrj-xwqx
GHSA-r7vr-m4jw-r794
GHSA-x274-8qfc-hrgf

Author: advisory-database[bot]

advisories/unreviewed/2025/11/GHSA-g7mr-vm94-3rv7/GHSA-g7mr-vm94-3rv7.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g7mr-vm94-3rv7",
-  "modified": "2026-03-25T06:30:29Z",
+  "modified": "2026-04-09T12:31:10Z",
   "published": "2025-11-18T21:32:31Z",
   "aliases": [
     "CVE-2025-61662"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-61662"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:6492"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:5233"

advisories/unreviewed/2026/03/GHSA-29qh-jw3j-7gwj/GHSA-29qh-jw3j-7gwj.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-29qh-jw3j-7gwj",
-  "modified": "2026-04-01T15:30:56Z",
+  "modified": "2026-04-09T12:31:10Z",
   "published": "2026-03-05T06:30:28Z",
   "aliases": [
     "CVE-2026-28038"

advisories/unreviewed/2026/04/GHSA-3cjc-vhfm-ffp2/GHSA-3cjc-vhfm-ffp2.json

@@ -0,0 +1,35 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3cjc-vhfm-ffp2",
+  "modified": "2026-04-09T12:31:10Z",
+  "published": "2026-04-09T12:31:10Z",
+  "aliases": [
+    "CVE-2025-62188"
+  ],
+  "details": "An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler.\n\nThis vulnerability may allow unauthorized actors to access sensitive information, including database credentials.\n\n\nThis issue affects Apache DolphinScheduler versions 3.1.*.\n\n\nUsers are recommended to upgrade to:\n\n\n\n\n\n\n\n  *  version ≥ 3.2.0 if using 3.1.x\n\n\n\n\n\n\nAs a temporary workaround, users who cannot upgrade immediately may restrict the exposed management endpoints by setting the following environment variable:\n\n\n```\nMANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE=health,metrics,prometheus\n```\n\nAlternatively, add the following configuration to the application.yaml file:\n\n\n```\nmanagement:\n   endpoints:\n     web:\n        exposure:\n          include: health,metrics,prometheus\n```\n\nThis issue has been reported as CVE-2023-48796:\n\n https://cveprocess.apache.org/cve5/CVE-2023-48796",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62188"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread/ffrmkcwgr2lcz0f5nnnyswhpn3fytsvo"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48796"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-200"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T10:16:20Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-4p2f-67g5-7xhf/GHSA-4p2f-67g5-7xhf.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4p2f-67g5-7xhf",
+  "modified": "2026-04-09T12:31:11Z",
+  "published": "2026-04-09T12:31:11Z",
+  "aliases": [
+    "CVE-2024-1490"
+  ],
+  "details": "An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitrary commands on the device.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1490"
+    },
+    {
+      "type": "WEB",
+      "url": "https://certvde.com/de/advisories/VDE-2024-008"
+    },
+    {
+      "type": "WEB",
+      "url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2024-008.json"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-94"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T11:16:19Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-5rfv-h47g-xj42/GHSA-5rfv-h47g-xj42.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5rfv-h47g-xj42",
+  "modified": "2026-04-09T12:31:11Z",
+  "published": "2026-04-09T12:31:11Z",
+  "aliases": [
+    "CVE-2026-24661"
+  ],
+  "details": "Mattermost Plugins versions <=2.1.3.0 fail to limit the request body size on the {{/changes}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost Advisory ID: MMSA-2026-00611",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24661"
+    },
+    {
+      "type": "WEB",
+      "url": "https://mattermost.com/security-updates"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-770"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T11:16:21Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-c92r-g8j5-vhcx/GHSA-c92r-g8j5-vhcx.json

@@ -0,0 +1,39 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-c92r-g8j5-vhcx",
+  "modified": "2026-04-09T12:31:11Z",
+  "published": "2026-04-09T12:31:11Z",
+  "aliases": [
+    "CVE-2025-57735"
+  ],
+  "details": "When user logged out, the JWT token the user had authtenticated with was not invalidated, which could lead to reuse of that token in case it was intercepted. In Airflow 3.2 we implemented the mechanism that implements token invalidation at logout. Users who are concerned about the logout scenario and possibility of intercepting the tokens, should upgrade to Airflow 3.2+\n\n\n\nUsers are recommended to upgrade to version 3.2.0, which fixes this issue.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57735"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/apache/airflow/pull/56633"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/apache/airflow/pull/61339"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread/ovn8mpd8zkc604hojt7x3wsw3kc60x98"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-613"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T11:16:20Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-f43w-3fr5-h2m3/GHSA-f43w-3fr5-h2m3.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-f43w-3fr5-h2m3",
+  "modified": "2026-04-09T12:31:11Z",
+  "published": "2026-04-09T12:31:10Z",
+  "aliases": [
+    "CVE-2026-4901"
+  ],
+  "details": "Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized user.This issue was fixed in Hydrosystem Control System version 9.8.5",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4901"
+    },
+    {
+      "type": "WEB",
+      "url": "https://cert.pl/posts/2026/04/CVE-2026-4901"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.hydrosystem.poznan.pl"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-532"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T10:16:22Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-hh72-xj72-2c38/GHSA-hh72-xj72-2c38.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-hh72-xj72-2c38",
+  "modified": "2026-04-09T12:31:10Z",
+  "published": "2026-04-09T12:31:10Z",
+  "aliases": [
+    "CVE-2026-34184"
+  ],
+  "details": "Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed in Hydrosystem Control System version 9.8.5",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34184"
+    },
+    {
+      "type": "WEB",
+      "url": "https://cert.pl/posts/2026/04/CVE-2026-4901"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.hydrosystem.poznan.pl"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-862"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T10:16:22Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-p6w4-7rrj-xwqx/GHSA-p6w4-7rrj-xwqx.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-p6w4-7rrj-xwqx",
+  "modified": "2026-04-09T12:31:11Z",
+  "published": "2026-04-09T12:31:11Z",
+  "aliases": [
+    "CVE-2026-34185"
+  ],
+  "details": "Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control System version 9.8.5",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34185"
+    },
+    {
+      "type": "WEB",
+      "url": "https://cert.pl/posts/2026/04/CVE-2026-4901"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.hydrosystem.poznan.pl"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T10:16:22Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-r7vr-m4jw-r794/GHSA-r7vr-m4jw-r794.json

@@ -0,0 +1,39 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-r7vr-m4jw-r794",
+  "modified": "2026-04-09T12:31:11Z",
+  "published": "2026-04-09T12:31:10Z",
+  "aliases": [
+    "CVE-2026-34538"
+  ],
+  "details": "Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role.This behavior conflicts with the FAB RBAC model, which treats XCom as a separate protected resource, and with the security model documentation that defines the Viewer role as read-only.\n\nAirflow uses the FAB Auth Manager to manage access control on a per-resource basis. The Viewer role is intended to be read-only by default, and the security model documentation defines Viewer users as those who can inspect DAGs without accessing sensitive execution results.\n\nUsers are recommended to upgrade to Apache Airflow 3.2.0 which resolves this issue.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34538"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/apache/airflow/pull/64415"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread/9mq3msqhmgjwdzbr6bgthj4brb3oz9fl"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.openwall.com/lists/oss-security/2026/04/09/9"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-668"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-09T10:16:22Z"
+  }
+}