Skip to content

Commit 9aa4983

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-2g4m-3wvw-crq2 GHSA-2v62-qxwf-qh42 GHSA-4g4x-f3f9-gpq4 GHSA-53jf-v56h-xgqg GHSA-56hx-r887-5w6h GHSA-669m-x2jm-gm59 GHSA-6cp6-7hgg-4x9m GHSA-6v6h-rfvh-83r8 GHSA-8f2q-5jx5-qqfg GHSA-cgmp-3cx7-qfjw GHSA-m245-c8r9-78c2 GHSA-m7fh-6hhf-3m68 GHSA-qcx9-4fj7-jf29 GHSA-qw2j-qjh4-32jw GHSA-r3ww-97x6-6h4v GHSA-rr4h-g2x9-f96p GHSA-x9jq-3w57-m487 GHSA-xwx5-hj9g-f35h
1 parent 2c2bf2e commit 9aa4983

File tree

18 files changed

+758
-0
lines changed

18 files changed

+758
-0
lines changed

advisories/unreviewed/2026/04/GHSA-2g4m-3wvw-crq2/GHSA-2g4m-3wvw-crq2.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2g4m-3wvw-crq2",
4+
"modified": "2026-04-01T09:31:27Z",
5+
"published": "2026-04-01T09:31:27Z",
6+
"aliases": [
7+
"CVE-2026-23401"
8+
],
9+
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE\n\nWhen installing an emulated MMIO SPTE, do so *after* dropping/zapping the\nexisting SPTE (if it's shadow-present). While commit a54aa15c6bda3 was\nright about it being impossible to convert a shadow-present SPTE to an\nMMIO SPTE due to a _guest_ write, it failed to account for writes to guest\nmemory that are outside the scope of KVM.\n\nE.g. if host userspace modifies a shadowed gPTE to switch from a memslot\nto emulted MMIO and then the guest hits a relevant page fault, KVM will\ninstall the MMIO SPTE without first zapping the shadow-present SPTE.\n\n ------------[ cut here ]------------\n is_shadow_present_pte(*sptep)\n WARNING: arch/x86/kvm/mmu/mmu.c:484 at mark_mmio_spte+0xb2/0xc0 [kvm], CPU#0: vmx_ept_stale_r/4292\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 0 UID: 1000 PID: 4292 Comm: vmx_ept_stale_r Not tainted 7.0.0-rc2-eafebd2d2ab0-sink-vm #319 PREEMPT\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:mark_mmio_spte+0xb2/0xc0 [kvm]\n Call Trace:\n <TASK>\n mmu_set_spte+0x237/0x440 [kvm]\n ept_page_fault+0x535/0x7f0 [kvm]\n kvm_mmu_do_page_fault+0xee/0x1f0 [kvm]\n kvm_mmu_page_fault+0x8d/0x620 [kvm]\n vmx_handle_exit+0x18c/0x5a0 [kvm_intel]\n kvm_arch_vcpu_ioctl_run+0xc55/0x1c20 [kvm]\n kvm_vcpu_ioctl+0x2d5/0x980 [kvm]\n __x64_sys_ioctl+0x8a/0xd0\n do_syscall_64+0xb5/0x730\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x47fa3f\n </TASK>\n ---[ end trace 0000000000000000 ]---",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23401"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://git.kernel.org/stable/c/aad885e774966e97b675dfe928da164214a71605"
20+
}
21+
],
22+
"database_specific": {
23+
"cwe_ids": [],
24+
"severity": null,
25+
"github_reviewed": false,
26+
"github_reviewed_at": null,
27+
"nvd_published_at": "2026-04-01T09:16:15Z"
28+
}
29+
}

advisories/unreviewed/2026/04/GHSA-2v62-qxwf-qh42/GHSA-2v62-qxwf-qh42.json

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2v62-qxwf-qh42",
4+
"modified": "2026-04-01T09:31:26Z",
5+
"published": "2026-04-01T09:31:26Z",
6+
"aliases": [
7+
"CVE-2026-4748"
8+
],
9+
"details": "A regression in the way hashes were calculated caused rules containing the address range syntax (x.x.x.x - y.y.y.y) that only differ in the address range(s) involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the address[/mask-bits] syntax were not affected.\n\nSome keywords representing actions taken on a packet-matching rule, such as 'log', 'return tll', or 'dnpipe', may suffer from the same issue. It is unlikely that users have such configurations, as these rules would always be redundant.\n\nAffected rules are silently ignored, which can lead to unexpected behaviour including over- and underblocking.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4748"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-26:09.pf.asc"
20+
}
21+
],
22+
"database_specific": {
23+
"cwe_ids": [
24+
"CWE-480"
25+
],
26+
"severity": null,
27+
"github_reviewed": false,
28+
"github_reviewed_at": null,
29+
"nvd_published_at": "2026-04-01T07:16:02Z"
30+
}
31+
}

advisories/unreviewed/2026/04/GHSA-4g4x-f3f9-gpq4/GHSA-4g4x-f3f9-gpq4.json

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4g4x-f3f9-gpq4",
4+
"modified": "2026-04-01T09:31:28Z",
5+
"published": "2026-04-01T09:31:28Z",
6+
"aliases": [
7+
"CVE-2026-23411"
8+
],
9+
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix race between freeing data and fs accessing it\n\nAppArmor was putting the reference to i_private data on its end after\nremoving the original entry from the file system. However the inode\ncan aand does live beyond that point and it is possible that some of\nthe fs call back functions will be invoked after the reference has\nbeen put, which results in a race between freeing the data and\naccessing it through the fs.\n\nWhile the rawdata/loaddata is the most likely candidate to fail the\nrace, as it has the fewest references. If properly crafted it might be\npossible to trigger a race for the other types stored in i_private.\n\nFix this by moving the put of i_private referenced data to the correct\nplace which is during inode eviction.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23411"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://git.kernel.org/stable/c/13bc2772414d68e94e273dea013181a986948ddf"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://git.kernel.org/stable/c/2a732ed26fbd048e7925d227af8cf9ea43fb5cc9"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://git.kernel.org/stable/c/8e135b8aee5a06c52a4347a5a6d51223c6f36ba3"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://git.kernel.org/stable/c/ae10787d955fb255d381e0d5589451dd72c614b1"
32+
},
33+
{
34+
"type": "WEB",
35+
"url": "https://git.kernel.org/stable/c/eecce026399917f6efa532c56bc7a3e9dd6ee68b"
36+
}
37+
],
38+
"database_specific": {
39+
"cwe_ids": [],
40+
"severity": null,
41+
"github_reviewed": false,
42+
"github_reviewed_at": null,
43+
"nvd_published_at": "2026-04-01T09:16:17Z"
44+
}
45+
}

advisories/unreviewed/2026/04/GHSA-53jf-v56h-xgqg/GHSA-53jf-v56h-xgqg.json

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-53jf-v56h-xgqg",
4+
"modified": "2026-04-01T09:31:28Z",
5+
"published": "2026-04-01T09:31:28Z",
6+
"aliases": [
7+
"CVE-2026-23409"
8+
],
9+
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix differential encoding verification\n\nDifferential encoding allows loops to be created if it is abused. To\nprevent this the unpack should verify that a diff-encode chain\nterminates.\n\nUnfortunately the differential encode verification had two bugs.\n\n1. it conflated states that had gone through check and already been\n marked, with states that were currently being checked and marked.\n This means that loops in the current chain being verified are treated\n as a chain that has already been verified.\n\n2. the order bailout on already checked states compared current chain\n check iterators j,k instead of using the outer loop iterator i.\n Meaning a step backwards in states in the current chain verification\n was being mistaken for moving to an already verified state.\n\nMove to a double mark scheme where already verified states get a\ndifferent mark, than the current chain being kept. This enables us\nto also drop the backwards verification check that was the cause of\nthe second error as any already verified state is already marked.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23409"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://git.kernel.org/stable/c/1ff4857fac56ac5a90ee63b24db05fa5e91a45aa"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://git.kernel.org/stable/c/34fc60b125ed1d4eb002c76b0664bf0619492167"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://git.kernel.org/stable/c/39440b137546a3aa383cfdabc605fb73811b6093"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://git.kernel.org/stable/c/623a9d211bbbb031bb1cbdb38b23487648167f8a"
32+
},
33+
{
34+
"type": "WEB",
35+
"url": "https://git.kernel.org/stable/c/f90e3ecd9e1ed69f1a370f866ceed1f104f3ab4a"
36+
}
37+
],
38+
"database_specific": {
39+
"cwe_ids": [],
40+
"severity": null,
41+
"github_reviewed": false,
42+
"github_reviewed_at": null,
43+
"nvd_published_at": "2026-04-01T09:16:16Z"
44+
}
45+
}

advisories/unreviewed/2026/04/GHSA-56hx-r887-5w6h/GHSA-56hx-r887-5w6h.json

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-56hx-r887-5w6h",
4+
"modified": "2026-04-01T09:31:28Z",
5+
"published": "2026-04-01T09:31:27Z",
6+
"aliases": [
7+
"CVE-2026-23406"
8+
],
9+
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix side-effect bug in match_char() macro usage\n\nThe match_char() macro evaluates its character parameter multiple\ntimes when traversing differential encoding chains. When invoked\nwith *str++, the string pointer advances on each iteration of the\ninner do-while loop, causing the DFA to check different characters\nat each iteration and therefore skip input characters.\nThis results in out-of-bounds reads when the pointer advances past\nthe input buffer boundary.\n\n[ 94.984676] ==================================================================\n[ 94.985301] BUG: KASAN: slab-out-of-bounds in aa_dfa_match+0x5ae/0x760\n[ 94.985655] Read of size 1 at addr ffff888100342000 by task file/976\n\n[ 94.986319] CPU: 7 UID: 1000 PID: 976 Comm: file Not tainted 6.19.0-rc7-next-20260127 #1 PREEMPT(lazy)\n[ 94.986322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 94.986329] Call Trace:\n[ 94.986341] <TASK>\n[ 94.986347] dump_stack_lvl+0x5e/0x80\n[ 94.986374] print_report+0xc8/0x270\n[ 94.986384] ? aa_dfa_match+0x5ae/0x760\n[ 94.986388] kasan_report+0x118/0x150\n[ 94.986401] ? aa_dfa_match+0x5ae/0x760\n[ 94.986405] aa_dfa_match+0x5ae/0x760\n[ 94.986408] __aa_path_perm+0x131/0x400\n[ 94.986418] aa_path_perm+0x219/0x2f0\n[ 94.986424] apparmor_file_open+0x345/0x570\n[ 94.986431] security_file_open+0x5c/0x140\n[ 94.986442] do_dentry_open+0x2f6/0x1120\n[ 94.986450] vfs_open+0x38/0x2b0\n[ 94.986453] ? may_open+0x1e2/0x2b0\n[ 94.986466] path_openat+0x231b/0x2b30\n[ 94.986469] ? __x64_sys_openat+0xf8/0x130\n[ 94.986477] do_file_open+0x19d/0x360\n[ 94.986487] do_sys_openat2+0x98/0x100\n[ 94.986491] __x64_sys_openat+0xf8/0x130\n[ 94.986499] do_syscall_64+0x8e/0x660\n[ 94.986515] ? count_memcg_events+0x15f/0x3c0\n[ 94.986526] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 94.986540] ? handle_mm_fault+0x1639/0x1ef0\n[ 94.986551] ? vma_start_read+0xf0/0x320\n[ 94.986558] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 94.986561] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 94.986563] ? fpregs_assert_state_consistent+0x50/0xe0\n[ 94.986572] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 94.986574] ? arch_exit_to_user_mode_prepare+0x9/0xb0\n[ 94.986587] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 94.986588] ? irqentry_exit+0x3c/0x590\n[ 94.986595] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 94.986597] RIP: 0033:0x7fda4a79c3ea\n\nFix by extracting the character value before invoking match_char,\nensuring single evaluation per outer loop.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23406"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://git.kernel.org/stable/c/0510d1ba0976f97f521feb2b75b0572ea5df3ceb"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://git.kernel.org/stable/c/383b7270faf42564f133134c2fc3c24bbae52615"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://git.kernel.org/stable/c/5a184f7cbdeaad17e16dedf3c17d0cd622edfed8"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://git.kernel.org/stable/c/8756b68edae37ff546c02091989a4ceab3f20abd"
32+
},
33+
{
34+
"type": "WEB",
35+
"url": "https://git.kernel.org/stable/c/b73c1dff8a9d7eeaebabf8097a5b2de192f40913"
36+
}
37+
],
38+
"database_specific": {
39+
"cwe_ids": [],
40+
"severity": null,
41+
"github_reviewed": false,
42+
"github_reviewed_at": null,
43+
"nvd_published_at": "2026-04-01T09:16:16Z"
44+
}
45+
}

advisories/unreviewed/2026/04/GHSA-669m-x2jm-gm59/GHSA-669m-x2jm-gm59.json

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-669m-x2jm-gm59",
4+
"modified": "2026-04-01T09:31:27Z",
5+
"published": "2026-04-01T09:31:27Z",
6+
"aliases": [
7+
"CVE-2026-28265"
8+
],
9+
"details": "PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28265"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://www.dell.com/support/kbdoc/en-us/000444169/dsa-2026-157-dell-powerstore-t-security-update-for-multiple-vulnerabilities"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-35"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-04-01T08:16:05Z"
35+
}
36+
}

advisories/unreviewed/2026/04/GHSA-6cp6-7hgg-4x9m/GHSA-6cp6-7hgg-4x9m.json

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-6cp6-7hgg-4x9m",
4+
"modified": "2026-04-01T09:31:28Z",
5+
"published": "2026-04-01T09:31:27Z",
6+
"aliases": [
7+
"CVE-2026-23407"
8+
],
9+
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix missing bounds check on DEFAULT table in verify_dfa()\n\nThe verify_dfa() function only checks DEFAULT_TABLE bounds when the state\nis not differentially encoded.\n\nWhen the verification loop traverses the differential encoding chain,\nit reads k = DEFAULT_TABLE[j] and uses k as an array index without\nvalidation. A malformed DFA with DEFAULT_TABLE[j] >= state_count,\ntherefore, causes both out-of-bounds reads and writes.\n\n[ 57.179855] ==================================================================\n[ 57.180549] BUG: KASAN: slab-out-of-bounds in verify_dfa+0x59a/0x660\n[ 57.180904] Read of size 4 at addr ffff888100eadec4 by task su/993\n\n[ 57.181554] CPU: 1 UID: 0 PID: 993 Comm: su Not tainted 6.19.0-rc7-next-20260127 #1 PREEMPT(lazy)\n[ 57.181558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 57.181563] Call Trace:\n[ 57.181572] <TASK>\n[ 57.181577] dump_stack_lvl+0x5e/0x80\n[ 57.181596] print_report+0xc8/0x270\n[ 57.181605] ? verify_dfa+0x59a/0x660\n[ 57.181608] kasan_report+0x118/0x150\n[ 57.181620] ? verify_dfa+0x59a/0x660\n[ 57.181623] verify_dfa+0x59a/0x660\n[ 57.181627] aa_dfa_unpack+0x1610/0x1740\n[ 57.181629] ? __kmalloc_cache_noprof+0x1d0/0x470\n[ 57.181640] unpack_pdb+0x86d/0x46b0\n[ 57.181647] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 57.181653] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 57.181656] ? aa_unpack_nameX+0x1a8/0x300\n[ 57.181659] aa_unpack+0x20b0/0x4c30\n[ 57.181662] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 57.181664] ? stack_depot_save_flags+0x33/0x700\n[ 57.181681] ? kasan_save_track+0x4f/0x80\n[ 57.181683] ? kasan_save_track+0x3e/0x80\n[ 57.181686] ? __kasan_kmalloc+0x93/0xb0\n[ 57.181688] ? __kvmalloc_node_noprof+0x44a/0x780\n[ 57.181693] ? aa_simple_write_to_buffer+0x54/0x130\n[ 57.181697] ? policy_update+0x154/0x330\n[ 57.181704] aa_replace_profiles+0x15a/0x1dd0\n[ 57.181707] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 57.181710] ? __kvmalloc_node_noprof+0x44a/0x780\n[ 57.181712] ? aa_loaddata_alloc+0x77/0x140\n[ 57.181715] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 57.181717] ? _copy_from_user+0x2a/0x70\n[ 57.181730] policy_update+0x17a/0x330\n[ 57.181733] profile_replace+0x153/0x1a0\n[ 57.181735] ? rw_verify_area+0x93/0x2d0\n[ 57.181740] vfs_write+0x235/0xab0\n[ 57.181745] ksys_write+0xb0/0x170\n[ 57.181748] do_syscall_64+0x8e/0x660\n[ 57.181762] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 57.181765] RIP: 0033:0x7f6192792eb2\n\nRemove the MATCH_FLAG_DIFF_ENCODE condition to validate all DEFAULT_TABLE\nentries unconditionally.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23407"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://git.kernel.org/stable/c/5a68e46dfe0c8c8ffc6f425ebc4cae6238566ecc"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://git.kernel.org/stable/c/76b4d36c5122866452d34d8f79985e191f9c3831"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://git.kernel.org/stable/c/7c7cf05e0606f554c467e3a4dc49e2e578a755b4"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://git.kernel.org/stable/c/d352873bbefa7eb39995239d0b44ccdf8aaa79a4"
32+
},
33+
{
34+
"type": "WEB",
35+
"url": "https://git.kernel.org/stable/c/f39e126e56c6ec1930fae51ad6bca3dae2a4c3ed"
36+
}
37+
],
38+
"database_specific": {
39+
"cwe_ids": [],
40+
"severity": null,
41+
"github_reviewed": false,
42+
"github_reviewed_at": null,
43+
"nvd_published_at": "2026-04-01T09:16:16Z"
44+
}
45+
}

advisories/unreviewed/2026/04/GHSA-6v6h-rfvh-83r8/GHSA-6v6h-rfvh-83r8.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-6v6h-rfvh-83r8",
4+
"modified": "2026-04-01T09:31:27Z",
5+
"published": "2026-04-01T09:31:27Z",
6+
"aliases": [
7+
"CVE-2026-5259"
8+
],
9+
"details": "A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm Preview. Executing a manipulation can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5259"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://fx4tqqfvdw4.feishu.cn/docx/GE4GdxBxKoSvBOxhkTRcsawlnhc?from=from_copylink"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/submit/780669"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/vuln/354449"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/vuln/354449/cti"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-918"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2026-04-01T08:16:05Z"
51+
}
52+
}

advisories/unreviewed/2026/04/GHSA-8f2q-5jx5-qqfg/GHSA-8f2q-5jx5-qqfg.json

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-8f2q-5jx5-qqfg",
4+
"modified": "2026-04-01T09:31:28Z",
5+
"published": "2026-04-01T09:31:28Z",
6+
"aliases": [
7+
"CVE-2026-34889"
8+
],
9+
"details": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34889"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://patchstack.com/database/wordpress/plugin/ultimate_vc_addons/vulnerability/wordpress-ultimate-addons-for-wpbakery-page-builder-plugin-3-21-4-cross-site-scripting-xss-vulnerability?_s_id=cve"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-79"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-04-01T09:16:17Z"
35+
}
36+
}

0 commit comments

Comments
 (0)