Skip to content

File tree

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3g4p-c74p-mh7x",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-44917"
8+
],
9+
"details": "OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_template.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44917"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://bugs.launchpad.net/ironic/+bug/2148319"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.openwall.com/lists/oss-security/2026/06/03/13"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-669"
34+
],
35+
"severity": "MODERATE",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-06-04T04:17:14Z"
39+
}
40+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-78x5-76fx-mcp6",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-49185"
8+
],
9+
"details": "The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V4",
13+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49185"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://community.acer.com/en/kb/articles/19707"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-78"
30+
],
31+
"severity": "CRITICAL",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-04T04:17:15Z"
35+
}
36+
}
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-9hfw-w3f4-c4p8",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-41283"
8+
],
9+
"details": "OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41283"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://github.com/openstack/mistral/tags"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.openwall.com/lists/oss-security/2026/06/03/14"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-863"
34+
],
35+
"severity": "CRITICAL",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-06-04T04:17:12Z"
39+
}
40+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-9hqp-cgj3-526j",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-49188"
8+
],
9+
"details": "The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V4",
13+
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49188"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://community.acer.com/en/kb/articles/19707"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-489"
30+
],
31+
"severity": "HIGH",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-04T06:16:24Z"
35+
}
36+
}
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-9v62-qx4c-44x5",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-48681"
8+
],
9+
"details": "OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48681"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://bugs.launchpad.net/ironic/+bug/2148333"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.openwall.com/lists/oss-security/2026/06/03/12"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-23"
34+
],
35+
"severity": "MODERATE",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-06-04T04:17:15Z"
39+
}
40+
}
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-gmvv-r68v-m7x9",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-41010"
8+
],
9+
"details": "ReleaseJob#unpack builds job_dir = File.join(@release_dir, 'jobs', name) and job_tgz = File.join(@release_dir, 'jobs', \"#{name}.tgz\") where name returns @job_meta['name'], a value taken verbatim from the jobs: array of the attacker-supplied release.MF inside the uploaded tarball. These paths are then interpolated into a shell string: Bosh::Common::Exec.sh(\"tar -C #{job_dir} -xf #{job_tgz} 2>&1\", :on_error => :return). Bosh::Common::Exec.sh executes via %x{#{command}} (bosh-common/lib/bosh/common/exec.rb:53), i.e. /bin/sh -c, so any shell metacharacters in name are interpreted. FileUtils.mkdir_p(job_dir) on line 49 creates the literal directory (no shell) and succeeds even when the name contains $()/;, so execution reaches the sh call.\n\nAffected versions:\n- BOSH Director: all versions prior to v282.1.12 (inclusive); fixed in v282.1.12 or later",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41010"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.cloudfoundry.org/blog/cve-2026-41010-release-job-name-command-injection-on-bosh-director"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-78"
34+
],
35+
"severity": "HIGH",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-06-04T04:17:10Z"
39+
}
40+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-hph7-5jr2-h359",
4+
"modified": "2026-06-04T06:30:26Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-49189"
8+
],
9+
"details": "Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V4",
13+
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49189"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://community.acer.com/en/kb/articles/19707"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-269"
30+
],
31+
"severity": "HIGH",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-04T06:16:24Z"
35+
}
36+
}

advisories/unreviewed/2026/06/GHSA-jrh2-f5jc-xpgr/GHSA-jrh2-f5jc-xpgr.json

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-jrh2-f5jc-xpgr",
4-
"modified": "2026-06-04T00:30:25Z",
4+
"modified": "2026-06-04T06:30:25Z",
55
"published": "2026-06-04T00:30:25Z",
66
"aliases": [
77
"CVE-2026-46447"
88
],
99
"details": "OpenStack Ironic through 35.0.x allows Boot Script Injection.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -28,8 +33,10 @@
2833
}
2934
],
3035
"database_specific": {
31-
"cwe_ids": [],
32-
"severity": null,
36+
"cwe_ids": [
37+
"CWE-669"
38+
],
39+
"severity": "MODERATE",
3340
"github_reviewed": false,
3441
"github_reviewed_at": null,
3542
"nvd_published_at": "2026-06-03T22:16:34Z"
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-mgmr-hqww-q343",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-49187"
8+
],
9+
"details": "The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V4",
13+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49187"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://community.acer.com/en/kb/articles/19707"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-200"
30+
],
31+
"severity": "HIGH",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-04T06:16:24Z"
35+
}
36+
}
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-rwc7-7qq8-w477",
4+
"modified": "2026-06-04T06:30:25Z",
5+
"published": "2026-06-04T06:30:25Z",
6+
"aliases": [
7+
"CVE-2026-10805"
8+
],
9+
"details": "A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10805"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://access.redhat.com/security/cve/CVE-2026-10805"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484613"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-78"
34+
],
35+
"severity": "MODERATE",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-06-04T06:16:21Z"
39+
}
40+
}

0 commit comments

Comments
 (0)