Skip to content

Commit 1c7d5c0

Browse files
1 parent eca7f72 commit 1c7d5c0

5 files changed

Lines changed: 48 additions & 11 deletions

File tree

advisories/github-reviewed/2026/05/GHSA-6qf2-7x63-mm6v/GHSA-6qf2-7x63-mm6v.json

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-6qf2-7x63-mm6v",
4-
"modified": "2026-05-14T16:18:46Z",
4+
"modified": "2026-06-09T10:18:35Z",
55
"published": "2026-05-14T16:18:46Z",
66
"aliases": [
77
"CVE-2026-45076"
@@ -40,9 +40,17 @@
4040
"type": "WEB",
4141
"url": "https://github.com/element-hq/synapse/security/advisories/GHSA-6qf2-7x63-mm6v"
4242
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45076"
46+
},
4347
{
4448
"type": "PACKAGE",
4549
"url": "https://github.com/element-hq/synapse"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2026-194.yaml"
4654
}
4755
],
4856
"database_specific": {
@@ -52,6 +60,6 @@
5260
"severity": "MODERATE",
5361
"github_reviewed": true,
5462
"github_reviewed_at": "2026-05-14T16:18:46Z",
55-
"nvd_published_at": null
63+
"nvd_published_at": "2026-05-28T17:16:31Z"
5664
}
5765
}

advisories/github-reviewed/2026/05/GHSA-8q93-326v-3m7g/GHSA-8q93-326v-3m7g.json

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-8q93-326v-3m7g",
4-
"modified": "2026-05-14T16:18:41Z",
4+
"modified": "2026-06-09T10:18:03Z",
55
"published": "2026-05-14T16:18:40Z",
66
"aliases": [
77
"CVE-2026-45078"
88
],
99
"summary": "Synapse CPU starvation (Denial of Service)",
1010
"details": "### Impact\n\nLocal authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service.\n\nHomeservers that trust all their local users are not at risk.\n\n### Patches\n\nUpdate to Synapse 1.152.1 or later.\n\n### Workarounds\n\nIf Synapse is deployed behind a reverse proxy, the reverse proxy could be configured to limit the rate of user requests,\npreventing or increasing the difficulty of the attack.\n\n### Identifiers\n\n- ELEMENTSEC-2026-1706\n\n### For more information\n\nIf you have any questions or comments about this advisory, please email us at [security at element.io](mailto:security@element.io).",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
@@ -40,6 +44,10 @@
4044
"type": "WEB",
4145
"url": "https://github.com/element-hq/synapse/security/advisories/GHSA-8q93-326v-3m7g"
4246
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45078"
50+
},
4351
{
4452
"type": "WEB",
4553
"url": "https://github.com/element-hq/synapse/issues/19394"
@@ -51,15 +59,20 @@
5159
{
5260
"type": "PACKAGE",
5361
"url": "https://github.com/element-hq/synapse"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2026-191.yaml"
5466
}
5567
],
5668
"database_specific": {
5769
"cwe_ids": [
58-
"CWE-400"
70+
"CWE-400",
71+
"CWE-770"
5972
],
6073
"severity": "HIGH",
6174
"github_reviewed": true,
6275
"github_reviewed_at": "2026-05-14T16:18:40Z",
63-
"nvd_published_at": null
76+
"nvd_published_at": "2026-05-28T17:16:31Z"
6477
}
6578
}

advisories/github-reviewed/2026/05/GHSA-c35q-vxrp-ph26/GHSA-c35q-vxrp-ph26.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-c35q-vxrp-ph26",
4-
"modified": "2026-05-13T15:30:59Z",
4+
"modified": "2026-06-09T10:18:42Z",
55
"published": "2026-05-13T15:30:59Z",
66
"aliases": [
77
"CVE-2026-44797"
@@ -59,6 +59,10 @@
5959
"type": "WEB",
6060
"url": "https://github.com/nautobot/nautobot/security/advisories/GHSA-c35q-vxrp-ph26"
6161
},
62+
{
63+
"type": "ADVISORY",
64+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44797"
65+
},
6266
{
6367
"type": "WEB",
6468
"url": "https://github.com/nautobot/nautobot/commit/16aa4aa9796ab7a31c4d615ec945e1f16d8c77c4"
@@ -87,6 +91,6 @@
8791
"severity": "HIGH",
8892
"github_reviewed": true,
8993
"github_reviewed_at": "2026-05-13T15:30:59Z",
90-
"nvd_published_at": null
94+
"nvd_published_at": "2026-05-28T18:16:33Z"
9195
}
9296
}

advisories/github-reviewed/2026/05/GHSA-p3hx-pwf3-j8wr/GHSA-p3hx-pwf3-j8wr.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-p3hx-pwf3-j8wr",
4-
"modified": "2026-05-13T15:31:04Z",
4+
"modified": "2026-06-09T10:18:49Z",
55
"published": "2026-05-13T15:31:04Z",
66
"aliases": [
77
"CVE-2026-44798"
@@ -59,6 +59,10 @@
5959
"type": "WEB",
6060
"url": "https://github.com/nautobot/nautobot/security/advisories/GHSA-p3hx-pwf3-j8wr"
6161
},
62+
{
63+
"type": "ADVISORY",
64+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44798"
65+
},
6266
{
6367
"type": "WEB",
6468
"url": "https://github.com/nautobot/nautobot/commit/9deddfc91ad9260ad17b5e20084e9e2d15be3609"
@@ -88,6 +92,6 @@
8892
"severity": "HIGH",
8993
"github_reviewed": true,
9094
"github_reviewed_at": "2026-05-13T15:31:04Z",
91-
"nvd_published_at": null
95+
"nvd_published_at": "2026-05-28T18:16:34Z"
9296
}
9397
}

advisories/github-reviewed/2026/05/GHSA-wx44-2q6h-j6p8/GHSA-wx44-2q6h-j6p8.json

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-wx44-2q6h-j6p8",
4-
"modified": "2026-05-14T20:29:33Z",
4+
"modified": "2026-06-09T10:17:09Z",
55
"published": "2026-05-14T20:29:33Z",
66
"aliases": [
77
"CVE-2026-45311"
@@ -74,10 +74,18 @@
7474
}
7575
],
7676
"references": [
77+
{
78+
"type": "WEB",
79+
"url": "https://github.com/Hmbown/CodeWhale/security/advisories/GHSA-wx44-2q6h-j6p8"
80+
},
7781
{
7882
"type": "WEB",
7983
"url": "https://github.com/Hmbown/DeepSeek-TUI/security/advisories/GHSA-wx44-2q6h-j6p8"
8084
},
85+
{
86+
"type": "ADVISORY",
87+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45311"
88+
},
8189
{
8290
"type": "PACKAGE",
8391
"url": "https://github.com/Hmbown/DeepSeek-TUI"
@@ -94,6 +102,6 @@
94102
"severity": "CRITICAL",
95103
"github_reviewed": true,
96104
"github_reviewed_at": "2026-05-14T20:29:33Z",
97-
"nvd_published_at": null
105+
"nvd_published_at": "2026-05-28T18:16:35Z"
98106
}
99107
}

0 commit comments

Comments
 (0)