Skip to content

Commit 007f346

Browse files
Advisory Database Sync
1 parent 940bffb commit 007f346

28 files changed

Lines changed: 1163 additions & 18 deletions

File tree

advisories/unreviewed/2026/04/GHSA-5mqr-3465-c7p6/GHSA-5mqr-3465-c7p6.json

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-5mqr-3465-c7p6",
4-
"modified": "2026-06-02T12:31:25Z",
4+
"modified": "2026-06-03T00:30:24Z",
55
"published": "2026-04-23T18:33:03Z",
66
"aliases": [
77
"CVE-2026-34003"
@@ -19,10 +19,6 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34003"
2121
},
22-
{
23-
"type": "WEB",
24-
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
25-
},
2622
{
2723
"type": "WEB",
2824
"url": "https://access.redhat.com/errata/RHSA-2026:20562"
@@ -75,6 +71,10 @@
7571
"type": "WEB",
7672
"url": "https://access.redhat.com/errata/RHSA-2026:22424"
7773
},
74+
{
75+
"type": "WEB",
76+
"url": "https://access.redhat.com/errata/RHSA-2026:22456"
77+
},
7878
{
7979
"type": "WEB",
8080
"url": "https://access.redhat.com/security/cve/CVE-2026-34003"
@@ -83,6 +83,10 @@
8383
"type": "WEB",
8484
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451113"
8585
},
86+
{
87+
"type": "WEB",
88+
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
89+
},
8690
{
8791
"type": "WEB",
8892
"url": "https://access.redhat.com/errata/RHSA-2026:11352"

advisories/unreviewed/2026/04/GHSA-cjgm-66pw-5r9r/GHSA-cjgm-66pw-5r9r.json

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-cjgm-66pw-5r9r",
4-
"modified": "2026-06-02T12:31:25Z",
4+
"modified": "2026-06-03T00:30:24Z",
55
"published": "2026-04-23T18:33:03Z",
66
"aliases": [
77
"CVE-2026-34001"
@@ -19,10 +19,6 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34001"
2121
},
22-
{
23-
"type": "WEB",
24-
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
25-
},
2622
{
2723
"type": "WEB",
2824
"url": "https://access.redhat.com/errata/RHSA-2026:20562"
@@ -75,6 +71,10 @@
7571
"type": "WEB",
7672
"url": "https://access.redhat.com/errata/RHSA-2026:22424"
7773
},
74+
{
75+
"type": "WEB",
76+
"url": "https://access.redhat.com/errata/RHSA-2026:22456"
77+
},
7878
{
7979
"type": "WEB",
8080
"url": "https://access.redhat.com/security/cve/CVE-2026-34001"
@@ -83,6 +83,10 @@
8383
"type": "WEB",
8484
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451109"
8585
},
86+
{
87+
"type": "WEB",
88+
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
89+
},
8690
{
8791
"type": "WEB",
8892
"url": "https://access.redhat.com/errata/RHSA-2026:11352"

advisories/unreviewed/2026/04/GHSA-g562-3mh5-27v6/GHSA-g562-3mh5-27v6.json

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-g562-3mh5-27v6",
4-
"modified": "2026-06-02T12:31:25Z",
4+
"modified": "2026-06-03T00:30:23Z",
55
"published": "2026-04-23T18:33:03Z",
66
"aliases": [
77
"CVE-2026-33999"
@@ -19,10 +19,6 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33999"
2121
},
22-
{
23-
"type": "WEB",
24-
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
25-
},
2622
{
2723
"type": "WEB",
2824
"url": "https://access.redhat.com/errata/RHSA-2026:20562"
@@ -75,6 +71,10 @@
7571
"type": "WEB",
7672
"url": "https://access.redhat.com/errata/RHSA-2026:22424"
7773
},
74+
{
75+
"type": "WEB",
76+
"url": "https://access.redhat.com/errata/RHSA-2026:22456"
77+
},
7878
{
7979
"type": "WEB",
8080
"url": "https://access.redhat.com/security/cve/CVE-2026-33999"
@@ -83,6 +83,10 @@
8383
"type": "WEB",
8484
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451106"
8585
},
86+
{
87+
"type": "WEB",
88+
"url": "https://access.redhat.com/errata/RHSA-2026:10739"
89+
},
8690
{
8791
"type": "WEB",
8892
"url": "https://access.redhat.com/errata/RHSA-2026:11352"

advisories/unreviewed/2026/05/GHSA-2q6x-pg74-2276/GHSA-2q6x-pg74-2276.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2q6x-pg74-2276",
4-
"modified": "2026-06-02T12:31:25Z",
4+
"modified": "2026-06-03T00:30:24Z",
55
"published": "2026-05-05T18:33:24Z",
66
"aliases": [
77
"CVE-2026-34002"
@@ -27,6 +27,10 @@
2727
"type": "WEB",
2828
"url": "https://access.redhat.com/security/cve/CVE-2026-34002"
2929
},
30+
{
31+
"type": "WEB",
32+
"url": "https://access.redhat.com/errata/RHSA-2026:22456"
33+
},
3034
{
3135
"type": "WEB",
3236
"url": "https://access.redhat.com/errata/RHSA-2026:22424"

advisories/unreviewed/2026/05/GHSA-x7p4-8jjf-qcp4/GHSA-x7p4-8jjf-qcp4.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-x7p4-8jjf-qcp4",
4-
"modified": "2026-06-02T12:31:25Z",
4+
"modified": "2026-06-03T00:30:24Z",
55
"published": "2026-05-05T18:33:24Z",
66
"aliases": [
77
"CVE-2026-34000"
@@ -27,6 +27,10 @@
2727
"type": "WEB",
2828
"url": "https://access.redhat.com/security/cve/CVE-2026-34000"
2929
},
30+
{
31+
"type": "WEB",
32+
"url": "https://access.redhat.com/errata/RHSA-2026:22456"
33+
},
3034
{
3135
"type": "WEB",
3236
"url": "https://access.redhat.com/errata/RHSA-2026:22424"
Lines changed: 68 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,68 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-23jv-8gf4-7r88",
4+
"modified": "2026-06-03T00:30:25Z",
5+
"published": "2026-06-03T00:30:25Z",
6+
"aliases": [
7+
"CVE-2026-10650"
8+
],
9+
"details": "A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption. The attack may be launched remotely. The exploit has been published and may be used. This patch is called 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498. A patch should be applied to remediate this issue.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10650"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://github.com/warmcat/libwebsockets/commit/3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://github.com/biniamf/pocs/blob/main/libwebsockets_sshd-parse-ic-unbounded-alloc/poc_sshd_unbounded_alloc.py"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://github.com/biniamf/pocs/tree/main/libwebsockets_sshd-parse-ic-unbounded-alloc"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://github.com/warmcat/libwebsockets"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://vuldb.com/cve/CVE-2026-10650"
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://vuldb.com/submit/830261"
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://vuldb.com/vuln/367955"
53+
},
54+
{
55+
"type": "WEB",
56+
"url": "https://vuldb.com/vuln/367955/cti"
57+
}
58+
],
59+
"database_specific": {
60+
"cwe_ids": [
61+
"CWE-400"
62+
],
63+
"severity": "MODERATE",
64+
"github_reviewed": false,
65+
"github_reviewed_at": null,
66+
"nvd_published_at": "2026-06-02T22:16:16Z"
67+
}
68+
}
Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4279-q6mj-392r",
4+
"modified": "2026-06-03T00:30:26Z",
5+
"published": "2026-06-03T00:30:26Z",
6+
"aliases": [
7+
"CVE-2026-27145"
8+
],
9+
"details": "(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, \".\") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number of SAN entries multiplied by the hostname's label count. Because x509.Verify validates hostnames before building the certificate chain, this overhead occurred even for untrusted certificates.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://go.dev/cl/783621"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://go.dev/issue/79694"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://pkg.go.dev/vuln/GO-2026-5037"
32+
}
33+
],
34+
"database_specific": {
35+
"cwe_ids": [],
36+
"severity": null,
37+
"github_reviewed": false,
38+
"github_reviewed_at": null,
39+
"nvd_published_at": "2026-06-02T23:16:35Z"
40+
}
41+
}
Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4r7r-w926-gm5j",
4+
"modified": "2026-06-03T00:30:27Z",
5+
"published": "2026-06-03T00:30:27Z",
6+
"aliases": [
7+
"CVE-2026-7421"
8+
],
9+
"details": "The Passeum Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.0. This is due to the `get_shop_url()` method returning the `shop_name` setting value without sanitization when it begins with \"http\", combined with insufficient validation in the `validate_shop_name()` function which only checks for empty values and string type. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary external scripts by setting the `shop_name` to an attacker-controlled URL (e.g., `https://attacker.com`), which causes the plugin to enqueue external JavaScript and CSS from the attacker-controlled domain via `wp_register_script()` and `wp_register_style()`. The injected scripts execute on every frontend page containing any Passeum Ticketing shortcode, affecting all site visitors. Please note that this does not affect single-site installations as administrators already have the `unfiltered_html` capability.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7421"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/passeum-ticketing/tags/1.0/inc/settings.php#L141"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/passeum-ticketing/tags/1.0/passeum-ticketing.php#L202"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/passeum-ticketing/tags/1.0/passeum-ticketing.php#L40"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/passeum-ticketing/trunk/inc/settings.php#L141"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/browser/passeum-ticketing/trunk/passeum-ticketing.php#L202"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://plugins.trac.wordpress.org/browser/passeum-ticketing/trunk/passeum-ticketing.php#L40"
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48363f1f-dae8-4efa-824f-098550245ca3?source=cve"
49+
}
50+
],
51+
"database_specific": {
52+
"cwe_ids": [
53+
"CWE-79"
54+
],
55+
"severity": "MODERATE",
56+
"github_reviewed": false,
57+
"github_reviewed_at": null,
58+
"nvd_published_at": "2026-06-03T00:16:44Z"
59+
}
60+
}

0 commit comments

Comments
 (0)