Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/137246?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "znuny", "version": "6.5.21-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/275723?format=api", "vulnerability_id": "VCID-3um8-4fmh-97ge", "summary": "In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is reflected XSS in AdminCommunicationLog (aka the communication log administration view).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-50592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08687", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08703", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08683", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08635", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-50592" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2026-10", "reference_id": "zsa-2026-10", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-05T18:21:17Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2026-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-50592" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3um8-4fmh-97ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97466?format=api", "vulnerability_id": "VCID-48xy-e43e-3uhq", "summary": "There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53179", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.5324", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53248", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.5323", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53204", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992", "reference_id": "989992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137245?format=api", "purl": "pkg:deb/debian/znuny@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137244?format=api", "purl": "pkg:deb/debian/znuny@6.5.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-5equ-78js-5ffs" }, { "vulnerability": "VCID-6hqw-djsz-2fb9" }, { "vulnerability": "VCID-88yz-xb2f-ykce" }, { "vulnerability": "VCID-aem1-z125-xbcn" }, { "vulnerability": "VCID-bs4b-q3bf-kqcz" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-fyz6-z2s8-g7bs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-nuyx-axak-rfc5" }, { "vulnerability": "VCID-nwu6-pvr1-h7h3" }, { "vulnerability": "VCID-r9rn-hd3y-77h1" }, { "vulnerability": "VCID-sbb6-yk3t-nygm" }, { "vulnerability": "VCID-teuw-kajh-mkaq" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-21441" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48xy-e43e-3uhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107217?format=api", "vulnerability_id": "VCID-5equ-78js-5ffs", "summary": "An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61686", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61706", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61713", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61702", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26845" }, { "reference_url": "https://www.znuny.com", "reference_id": "www.znuny.com", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:45:30Z/" } ], "url": "https://www.znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2025-03", "reference_id": "zsa-2025-03", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:45:30Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2025-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137254?format=api", "purl": "pkg:deb/debian/znuny@6.5.13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26845" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5equ-78js-5ffs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97471?format=api", "vulnerability_id": "VCID-6hqw-djsz-2fb9", "summary": "Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to to perform an host header injection for the ContentType header of the attachment. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45626", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45667", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45671", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45651", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38060" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2023-04/", "reference_id": "otrs-security-advisory-2023-04", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-17T13:01:31Z/" } ], "url": "https://otrs.com/release-notes/otrs-security-advisory-2023-04/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137251?format=api", "purl": "pkg:deb/debian/znuny@6.5.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-38060" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hqw-djsz-2fb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107210?format=api", "vulnerability_id": "VCID-88yz-xb2f-ykce", "summary": "An issue was discovered in Znuny LTS 6.5.1 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in agent is able to inject SQL in the draft form ID parameter of an AJAX request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.70122", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.70144", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.70152", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.70134", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32493" }, { "reference_url": "https://znuny.com", "reference_id": "znuny.com", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-30T14:46:04Z/" } ], "url": "https://znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2024-03", "reference_id": "zsa-2024-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-30T14:46:04Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2024-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137252?format=api", "purl": "pkg:deb/debian/znuny@6.5.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-32493" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88yz-xb2f-ykce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107221?format=api", "vulnerability_id": "VCID-aem1-z125-xbcn", "summary": "An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other function calls, which then might use these keys/values to affect permissions or other settings.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43794", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43845", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43854", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43828", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739", "reference_id": "1104739", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739" }, { "reference_url": "https://znuny.com", "reference_id": "znuny.com", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-12T18:30:23Z/" } ], "url": "https://znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2025-07", "reference_id": "zsa-2025-07", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-12T18:30:23Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2025-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-43926" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aem1-z125-xbcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107213?format=api", "vulnerability_id": "VCID-bs4b-q3bf-kqcz", "summary": "An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52472", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.5248", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.5246", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52432", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26842" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2025-01", "reference_id": "zsa-2025-01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:53:25Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2025-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137254?format=api", "purl": "pkg:deb/debian/znuny@6.5.13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26842" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bs4b-q3bf-kqcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97467?format=api", "vulnerability_id": "VCID-dnfd-spvs-9qbb", "summary": "Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44625", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44694", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44702", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.4468", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44648", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137245?format=api", "purl": "pkg:deb/debian/znuny@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137244?format=api", "purl": "pkg:deb/debian/znuny@6.5.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-5equ-78js-5ffs" }, { "vulnerability": "VCID-6hqw-djsz-2fb9" }, { "vulnerability": "VCID-88yz-xb2f-ykce" }, { "vulnerability": "VCID-aem1-z125-xbcn" }, { "vulnerability": "VCID-bs4b-q3bf-kqcz" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-fyz6-z2s8-g7bs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-nuyx-axak-rfc5" }, { "vulnerability": "VCID-nwu6-pvr1-h7h3" }, { "vulnerability": "VCID-r9rn-hd3y-77h1" }, { "vulnerability": "VCID-sbb6-yk3t-nygm" }, { "vulnerability": "VCID-teuw-kajh-mkaq" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-21443" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnfd-spvs-9qbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107222?format=api", "vulnerability_id": "VCID-ebk7-d8nm-5qh7", "summary": "A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02482", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0241", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02425", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02477", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52204" }, { "reference_url": "https://github.com/j0qq3r/CVE-2025-52204", "reference_id": "CVE-2025-52204", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/" } ], "url": "https://github.com/j0qq3r/CVE-2025-52204" }, { "reference_url": "https://www.znuny.org/en/releases/znuny-7-3-1", "reference_id": "znuny-7-3-1", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/" } ], "url": "https://www.znuny.org/en/releases/znuny-7-3-1" }, { "reference_url": "http://znuny.com", "reference_id": "znuny.com", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/" } ], "url": "http://znuny.com" }, { "reference_url": "http://znunyitsm.com", "reference_id": "znunyitsm.com", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/" } ], "url": "http://znunyitsm.com" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137257?format=api", "purl": "pkg:deb/debian/znuny@6.5.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-52204" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk7-d8nm-5qh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97470?format=api", "vulnerability_id": "VCID-fn3v-xu31-h3gz", "summary": "Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.6472", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64761", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64771", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.6476", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64749", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4427" }, { "reference_url": "https://otrs.com/release-notes/otrs-security-advisory-2022-15/", "reference_id": "otrs-security-advisory-2022-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T18:03:48Z/" } ], "url": "https://otrs.com/release-notes/otrs-security-advisory-2022-15/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137250?format=api", "purl": "pkg:deb/debian/znuny@6.4.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.4.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137244?format=api", "purl": "pkg:deb/debian/znuny@6.5.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-5equ-78js-5ffs" }, { "vulnerability": "VCID-6hqw-djsz-2fb9" }, { "vulnerability": "VCID-88yz-xb2f-ykce" }, { "vulnerability": "VCID-aem1-z125-xbcn" }, { "vulnerability": "VCID-bs4b-q3bf-kqcz" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-fyz6-z2s8-g7bs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-nuyx-axak-rfc5" }, { "vulnerability": "VCID-nwu6-pvr1-h7h3" }, { "vulnerability": "VCID-r9rn-hd3y-77h1" }, { "vulnerability": "VCID-sbb6-yk3t-nygm" }, { "vulnerability": "VCID-teuw-kajh-mkaq" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-4427" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fn3v-xu31-h3gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107211?format=api", "vulnerability_id": "VCID-fyz6-z2s8-g7bs", "summary": "Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01525", "scoring_system": "epss", "scoring_elements": "0.81634", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01525", "scoring_system": "epss", "scoring_elements": "0.81629", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01525", "scoring_system": "epss", "scoring_elements": "0.81636", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48937" }, { "reference_url": "https://www.znuny.org/en/advisories", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:39:09Z/" } ], "url": "https://www.znuny.org/en/advisories" }, { "reference_url": "https://www.znuny.com", "reference_id": "www.znuny.com", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:39:09Z/" } ], "url": "https://www.znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2024-05", "reference_id": "zsa-2024-05", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:39:09Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2024-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137253?format=api", "purl": "pkg:deb/debian/znuny@6.5.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-48937" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fyz6-z2s8-g7bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57137?format=api", "vulnerability_id": "VCID-gx8h-5h14-dqez", "summary": "jquery-validation vulnerable to Cross-site Scripting\nVersions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3573.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3573.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3573", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57058", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57078", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57085", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.57073", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3573" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3573" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/commit/7a490d8f39bd988027568ddcf51755e1f4688902", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/commit/7a490d8f39bd988027568ddcf51755e1f4688902" }, { "reference_url": "https://github.com/jquery-validation/jquery-validation/pull/2462", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jquery-validation/jquery-validation/pull/2462" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-JS-JQUERYVALIDATION-5952285", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.snyk.io/vuln/SNYK-JS-JQUERYVALIDATION-5952285" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103445", "reference_id": "1103445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103445" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104134", "reference_id": "1104134", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104134" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104135", "reference_id": "1104135", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104135" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104136", "reference_id": "1104136", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104136" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359682", "reference_id": "2359682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359682" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3573", "reference_id": "CVE-2025-3573", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3573" }, { "reference_url": "https://github.com/advisories/GHSA-rrj2-ph5q-jxw2", "reference_id": "GHSA-rrj2-ph5q-jxw2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rrj2-ph5q-jxw2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137256?format=api", "purl": "pkg:deb/debian/znuny@6.5.16-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.16-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-3573", "GHSA-rrj2-ph5q-jxw2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gx8h-5h14-dqez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/275722?format=api", "vulnerability_id": "VCID-mkg7-u2gk-7kee", "summary": "IN Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-50591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08687", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08703", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08683", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08635", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-50591" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2026-11", "reference_id": "zsa-2026-11", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-05T18:22:51Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2026-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-50591" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mkg7-u2gk-7kee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107209?format=api", "vulnerability_id": "VCID-n9cu-rusr-ufhx", "summary": "An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.71249", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.71278", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.71284", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0065", "scoring_system": "epss", "scoring_elements": "0.71264", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32492" }, { "reference_url": "https://znuny.com", "reference_id": "znuny.com", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T15:52:23Z/" } ], "url": "https://znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2024-02", "reference_id": "zsa-2024-02", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T15:52:23Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2024-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137245?format=api", "purl": "pkg:deb/debian/znuny@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137244?format=api", "purl": "pkg:deb/debian/znuny@6.5.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-5equ-78js-5ffs" }, { "vulnerability": "VCID-6hqw-djsz-2fb9" }, { "vulnerability": "VCID-88yz-xb2f-ykce" }, { "vulnerability": "VCID-aem1-z125-xbcn" }, { "vulnerability": "VCID-bs4b-q3bf-kqcz" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-fyz6-z2s8-g7bs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-nuyx-axak-rfc5" }, { "vulnerability": "VCID-nwu6-pvr1-h7h3" }, { "vulnerability": "VCID-r9rn-hd3y-77h1" }, { "vulnerability": "VCID-sbb6-yk3t-nygm" }, { "vulnerability": "VCID-teuw-kajh-mkaq" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-32492" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9cu-rusr-ufhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107218?format=api", "vulnerability_id": "VCID-nuyx-axak-rfc5", "summary": "An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using the Generic Interface to update ticket metadata.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00404", "scoring_system": "epss", "scoring_elements": "0.61305", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00404", "scoring_system": "epss", "scoring_elements": "0.61329", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00404", "scoring_system": "epss", "scoring_elements": "0.61337", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00404", "scoring_system": "epss", "scoring_elements": "0.61323", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26846" }, { "reference_url": "https://www.znuny.com", "reference_id": "www.znuny.com", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-12T21:50:36Z/" } ], "url": "https://www.znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2025-02", "reference_id": "zsa-2025-02", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-12T21:50:36Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2025-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137254?format=api", "purl": "pkg:deb/debian/znuny@6.5.13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26846" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuyx-axak-rfc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107212?format=api", "vulnerability_id": "VCID-nwu6-pvr1-h7h3", "summary": "Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72395", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72367", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72382", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72401", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48938" }, { "reference_url": "https://www.znuny.org/en/advisories", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T18:44:51Z/" } ], "url": "https://www.znuny.org/en/advisories" }, { "reference_url": "https://www.znuny.com", "reference_id": "www.znuny.com", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T18:44:51Z/" } ], "url": "https://www.znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2024-04", "reference_id": "zsa-2024-04", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T18:44:51Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2024-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137253?format=api", "purl": "pkg:deb/debian/znuny@6.5.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-48938" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwu6-pvr1-h7h3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97465?format=api", "vulnerability_id": "VCID-qd3v-muyf-tkd7", "summary": "Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39236", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39326", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3933", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39274", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593", "reference_id": "991593", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137245?format=api", "purl": "pkg:deb/debian/znuny@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137244?format=api", "purl": "pkg:deb/debian/znuny@6.5.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-5equ-78js-5ffs" }, { "vulnerability": "VCID-6hqw-djsz-2fb9" }, { "vulnerability": "VCID-88yz-xb2f-ykce" }, { "vulnerability": "VCID-aem1-z125-xbcn" }, { "vulnerability": "VCID-bs4b-q3bf-kqcz" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-fyz6-z2s8-g7bs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-nuyx-axak-rfc5" }, { "vulnerability": "VCID-nwu6-pvr1-h7h3" }, { "vulnerability": "VCID-r9rn-hd3y-77h1" }, { "vulnerability": "VCID-sbb6-yk3t-nygm" }, { "vulnerability": "VCID-teuw-kajh-mkaq" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-21440" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qd3v-muyf-tkd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107208?format=api", "vulnerability_id": "VCID-r9rn-hd3y-77h1", "summary": "An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in user can upload a file (via a manipulated AJAX Request) to an arbitrary writable location by traversing paths. Arbitrary code can be executed if this location is publicly available through the web server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.6946", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69473", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69481", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69472", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32491" }, { "reference_url": "https://znuny.com", "reference_id": "znuny.com", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-30T15:40:28Z/" } ], "url": "https://znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2024-01", "reference_id": "zsa-2024-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-30T15:40:28Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2024-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137252?format=api", "purl": "pkg:deb/debian/znuny@6.5.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-32491" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9rn-hd3y-77h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107216?format=api", "vulnerability_id": "VCID-sbb6-yk3t-nygm", "summary": "An issue was discovered in Znuny through 7.1.3. A cookie is set without the HttpOnly flag.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58935", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58953", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58959", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58951", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26844" }, { "reference_url": "https://www.znuny.com", "reference_id": "www.znuny.com", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:48:53Z/" } ], "url": "https://www.znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2025-05", "reference_id": "zsa-2025-05", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:48:53Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2025-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137254?format=api", "purl": "pkg:deb/debian/znuny@6.5.13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26844" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbb6-yk3t-nygm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107220?format=api", "vulnerability_id": "VCID-teuw-kajh-mkaq", "summary": "An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53465", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53498", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53507", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.5349", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26847" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739", "reference_id": "1104739", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739" }, { "reference_url": "https://www.znuny.com", "reference_id": "www.znuny.com", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:58:30Z/" } ], "url": "https://www.znuny.com" }, { "reference_url": "https://www.znuny.org/en/advisories/zsa-2025-06", "reference_id": "zsa-2025-06", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:58:30Z/" } ], "url": "https://www.znuny.org/en/advisories/zsa-2025-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26847" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-teuw-kajh-mkaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107215?format=api", "vulnerability_id": "VCID-vrv5-q3yc-t3fv", "summary": "", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26843" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrv5-q3yc-t3fv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97464?format=api", "vulnerability_id": "VCID-xjen-uzab-a7cu", "summary": "DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21439", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57573", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57625", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57633", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57612", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992", "reference_id": "989992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137245?format=api", "purl": "pkg:deb/debian/znuny@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137244?format=api", "purl": "pkg:deb/debian/znuny@6.5.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-5equ-78js-5ffs" }, { "vulnerability": "VCID-6hqw-djsz-2fb9" }, { "vulnerability": "VCID-88yz-xb2f-ykce" }, { "vulnerability": "VCID-aem1-z125-xbcn" }, { "vulnerability": "VCID-bs4b-q3bf-kqcz" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-fyz6-z2s8-g7bs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-nuyx-axak-rfc5" }, { "vulnerability": "VCID-nwu6-pvr1-h7h3" }, { "vulnerability": "VCID-r9rn-hd3y-77h1" }, { "vulnerability": "VCID-sbb6-yk3t-nygm" }, { "vulnerability": "VCID-teuw-kajh-mkaq" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-21439" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjen-uzab-a7cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97469?format=api", "vulnerability_id": "VCID-yp9r-n7se-fqbb", "summary": "Specially crafted string in OTRS system configuration can allow the execution of any system command.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72843", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.7288", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72888", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.7287", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72858", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36100" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137245?format=api", "purl": "pkg:deb/debian/znuny@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137244?format=api", "purl": "pkg:deb/debian/znuny@6.5.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-5equ-78js-5ffs" }, { "vulnerability": "VCID-6hqw-djsz-2fb9" }, { "vulnerability": "VCID-88yz-xb2f-ykce" }, { "vulnerability": "VCID-aem1-z125-xbcn" }, { "vulnerability": "VCID-bs4b-q3bf-kqcz" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-fyz6-z2s8-g7bs" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-nuyx-axak-rfc5" }, { "vulnerability": "VCID-nwu6-pvr1-h7h3" }, { "vulnerability": "VCID-r9rn-hd3y-77h1" }, { "vulnerability": "VCID-sbb6-yk3t-nygm" }, { "vulnerability": "VCID-teuw-kajh-mkaq" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137249?format=api", "purl": "pkg:deb/debian/znuny@6.5.15-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3um8-4fmh-97ge" }, { "vulnerability": "VCID-ebk7-d8nm-5qh7" }, { "vulnerability": "VCID-gx8h-5h14-dqez" }, { "vulnerability": "VCID-mkg7-u2gk-7kee" }, { "vulnerability": "VCID-vrv5-q3yc-t3fv" }, { "vulnerability": "VCID-ztx6-1f5p-hkdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-36100" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yp9r-n7se-fqbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107223?format=api", "vulnerability_id": "VCID-ztx6-1f5p-hkdb", "summary": "", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/137246?format=api", "purl": "pkg:deb/debian/znuny@6.5.21-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-59490" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztx6-1f5p-hkdb" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie" }