Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@4.2.26
Typepypi
Namespace
Namedjango
Version4.2.26
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.30
Latest_non_vulnerable_version6.0.6
Affected_by_vulnerabilities
0
url VCID-13q1-fzeg-bfd9
vulnerability_id VCID-13q1-fzeg-bfd9
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1312.json
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1312.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1312
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02016
published_at 2026-06-13T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02025
published_at 2026-06-14T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02013
published_at 2026-06-11T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02017
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1312
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1312
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/005d60d97c4dfb117503bdb6f2facfcaf9315d84
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/005d60d97c4dfb117503bdb6f2facfcaf9315d84
7
reference_url https://github.com/django/django/commit/69065ca869b0970dff8fdd8fafb390bf8b3bf222
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/69065ca869b0970dff8fdd8fafb390bf8b3bf222
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-47.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-47.yaml
9
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
reference_id 1126914
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436342
reference_id 2436342
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436342
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1312
reference_id CVE-2026-1312
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1312
13
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:56:09Z/
url https://groups.google.com/g/django-announce
14
reference_url https://github.com/advisories/GHSA-6426-9fv3-65x8
reference_id GHSA-6426-9fv3-65x8
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6426-9fv3-65x8
15
reference_url https://access.redhat.com/errata/RHSA-2026:14835
reference_id RHSA-2026:14835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14835
16
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
17
reference_url https://access.redhat.com/errata/RHSA-2026:3958
reference_id RHSA-2026:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3958
18
reference_url https://access.redhat.com/errata/RHSA-2026:3959
reference_id RHSA-2026:3959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3959
19
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
20
reference_url https://access.redhat.com/errata/RHSA-2026:3962
reference_id RHSA-2026:3962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3962
21
reference_url https://access.redhat.com/errata/RHSA-2026:5970
reference_id RHSA-2026:5970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5970
22
reference_url https://access.redhat.com/errata/RHSA-2026:5971
reference_id RHSA-2026:5971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5971
23
reference_url https://access.redhat.com/errata/RHSA-2026:6291
reference_id RHSA-2026:6291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6291
24
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:56:09Z/
url https://docs.djangoproject.com/en/dev/releases/security/
25
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:56:09Z/
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
26
reference_url https://usn.ubuntu.com/8009-1/
reference_id USN-8009-1
reference_type
scores
url https://usn.ubuntu.com/8009-1/
fixed_packages
0
url pkg:pypi/django@4.2.28
purl pkg:pypi/django@4.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dh5p-grha-r7a2
1
vulnerability VCID-hb8n-gwz6-9yd9
2
vulnerability VCID-jdjc-ygtk-c7hv
3
vulnerability VCID-q3sw-jd7p-1yg1
4
vulnerability VCID-r3dj-t213-jyhh
5
vulnerability VCID-zr7g-1xkm-fqdw
6
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.28
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.11
purl pkg:pypi/django@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.11
3
url pkg:pypi/django@6.0.2
purl pkg:pypi/django@6.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.2
aliases BIT-django-2026-1312, CVE-2026-1312, GHSA-6426-9fv3-65x8, PYSEC-2026-47
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-13q1-fzeg-bfd9
1
url VCID-4xtu-yeh2-pbc8
vulnerability_id VCID-4xtu-yeh2-pbc8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1285.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1285.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1285
reference_id
reference_type
scores
0
value 0.00079
scoring_system epss
scoring_elements 0.2362
published_at 2026-06-14T12:55:00Z
1
value 0.00079
scoring_system epss
scoring_elements 0.23639
published_at 2026-06-13T12:55:00Z
2
value 0.00079
scoring_system epss
scoring_elements 0.23434
published_at 2026-06-11T12:55:00Z
3
value 0.00079
scoring_system epss
scoring_elements 0.23629
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1285
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1285
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/a33540b3e20b5d759aa8b2e4b9ca0e8edd285344
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/a33540b3e20b5d759aa8b2e4b9ca0e8edd285344
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-45.yaml
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-45.yaml
8
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
reference_id 1126914
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436340
reference_id 2436340
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436340
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1285
reference_id CVE-2026-1285
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1285
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:22:30Z/
url https://groups.google.com/g/django-announce
13
reference_url https://github.com/advisories/GHSA-4rrr-2h4v-f3j9
reference_id GHSA-4rrr-2h4v-f3j9
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4rrr-2h4v-f3j9
14
reference_url https://access.redhat.com/errata/RHSA-2026:14835
reference_id RHSA-2026:14835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14835
15
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
16
reference_url https://access.redhat.com/errata/RHSA-2026:3958
reference_id RHSA-2026:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3958
17
reference_url https://access.redhat.com/errata/RHSA-2026:3959
reference_id RHSA-2026:3959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3959
18
reference_url https://access.redhat.com/errata/RHSA-2026:5970
reference_id RHSA-2026:5970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5970
19
reference_url https://access.redhat.com/errata/RHSA-2026:5971
reference_id RHSA-2026:5971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5971
20
reference_url https://access.redhat.com/errata/RHSA-2026:6291
reference_id RHSA-2026:6291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6291
21
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:22:30Z/
url https://docs.djangoproject.com/en/dev/releases/security/
22
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:22:30Z/
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
23
reference_url https://usn.ubuntu.com/8009-1/
reference_id USN-8009-1
reference_type
scores
url https://usn.ubuntu.com/8009-1/
fixed_packages
0
url pkg:pypi/django@4.2.28
purl pkg:pypi/django@4.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dh5p-grha-r7a2
1
vulnerability VCID-hb8n-gwz6-9yd9
2
vulnerability VCID-jdjc-ygtk-c7hv
3
vulnerability VCID-q3sw-jd7p-1yg1
4
vulnerability VCID-r3dj-t213-jyhh
5
vulnerability VCID-zr7g-1xkm-fqdw
6
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.28
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.11
purl pkg:pypi/django@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.11
3
url pkg:pypi/django@6.0.2
purl pkg:pypi/django@6.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.2
aliases BIT-django-2026-1285, CVE-2026-1285, GHSA-4rrr-2h4v-f3j9, PYSEC-2026-45
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xtu-yeh2-pbc8
2
url VCID-72z9-v49q-vbcc
vulnerability_id VCID-72z9-v49q-vbcc
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64460.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64460.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64460
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.21137
published_at 2026-06-14T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.21155
published_at 2026-06-13T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.2096
published_at 2026-06-11T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.21136
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64460
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
28
reference_url https://github.com/django/django/commit/0db9ea4669312f1f4973e09f4bca06ab9c1ec74b
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/0db9ea4669312f1f4973e09f4bca06ab9c1ec74b
29
reference_url https://github.com/django/django/commit/1dbd07a608e495a0c229edaaf84d58d8976313b5
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1dbd07a608e495a0c229edaaf84d58d8976313b5
30
reference_url https://github.com/django/django/commit/4d2b8803bebcdefd2b76e9e8fc528d5fddea93f0
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4d2b8803bebcdefd2b76e9e8fc528d5fddea93f0
31
reference_url https://github.com/django/django/commit/99e7d22f55497278d0bcb2e15e72ef532e62a31d
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/99e7d22f55497278d0bcb2e15e72ef532e62a31d
32
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-109.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-109.yaml
33
reference_url https://www.djangoproject.com/weblog/2025/dec/02/security-releases
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/dec/02/security-releases
34
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788
reference_id 1121788
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418366
reference_id 2418366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418366
36
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64460
reference_id CVE-2025-64460
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64460
37
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:53:53Z/
url https://groups.google.com/g/django-announce
38
reference_url https://github.com/advisories/GHSA-vrcr-9hj9-jcg6
reference_id GHSA-vrcr-9hj9-jcg6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vrcr-9hj9-jcg6
39
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
40
reference_url https://access.redhat.com/errata/RHSA-2026:1249
reference_id RHSA-2026:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1249
41
reference_url https://access.redhat.com/errata/RHSA-2026:1497
reference_id RHSA-2026:1497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1497
42
reference_url https://access.redhat.com/errata/RHSA-2026:1506
reference_id RHSA-2026:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1506
43
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
44
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
45
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:53:53Z/
url https://docs.djangoproject.com/en/dev/releases/security/
46
reference_url https://www.djangoproject.com/weblog/2025/dec/02/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:53:53Z/
url https://www.djangoproject.com/weblog/2025/dec/02/security-releases/
47
reference_url https://usn.ubuntu.com/7903-1/
reference_id USN-7903-1
reference_type
scores
url https://usn.ubuntu.com/7903-1/
fixed_packages
0
url pkg:pypi/django@4.2.27
purl pkg:pypi/django@4.2.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dh5p-grha-r7a2
3
vulnerability VCID-dqpz-q718-pkas
4
vulnerability VCID-e331-cbgc-hubm
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-pn2d-2euz-pudt
8
vulnerability VCID-q3sw-jd7p-1yg1
9
vulnerability VCID-r3dj-t213-jyhh
10
vulnerability VCID-sbwy-buwj-gkd2
11
vulnerability VCID-zr7g-1xkm-fqdw
12
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.27
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.1.15
purl pkg:pypi/django@5.1.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.15
3
url pkg:pypi/django@5.2.9
purl pkg:pypi/django@5.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-8tz7-vjwz-rycs
5
vulnerability VCID-dh5p-grha-r7a2
6
vulnerability VCID-dqpz-q718-pkas
7
vulnerability VCID-e331-cbgc-hubm
8
vulnerability VCID-h5qf-zbcz-qygg
9
vulnerability VCID-hb8n-gwz6-9yd9
10
vulnerability VCID-jdjc-ygtk-c7hv
11
vulnerability VCID-m4mg-yd86-dyfw
12
vulnerability VCID-n915-wj16-wka6
13
vulnerability VCID-pn2d-2euz-pudt
14
vulnerability VCID-q3sw-jd7p-1yg1
15
vulnerability VCID-r3dj-t213-jyhh
16
vulnerability VCID-sbwy-buwj-gkd2
17
vulnerability VCID-tvk1-4am9-f3cf
18
vulnerability VCID-z7sj-r61n-qbcd
19
vulnerability VCID-zr7g-1xkm-fqdw
20
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.9
4
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-64460, CVE-2025-64460, GHSA-vrcr-9hj9-jcg6, PYSEC-2025-109
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72z9-v49q-vbcc
3
url VCID-81b9-uqyv-kkhm
vulnerability_id VCID-81b9-uqyv-kkhm
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13372.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13372.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-13372
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00328
published_at 2026-06-14T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00323
published_at 2026-06-13T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00325
published_at 2026-06-11T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00324
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-13372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
28
reference_url https://github.com/django/django/commit/479415ce5249bcdebeb6570c72df2a87f45a7bbf
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/479415ce5249bcdebeb6570c72df2a87f45a7bbf
29
reference_url https://github.com/django/django/commit/56aea00c3c5e1aacf4ed05f8ee06c2e78f02cea0
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/56aea00c3c5e1aacf4ed05f8ee06c2e78f02cea0
30
reference_url https://github.com/django/django/commit/5b90ca1e7591fa36fccf2d6dad67cf1477e6293e
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5b90ca1e7591fa36fccf2d6dad67cf1477e6293e
31
reference_url https://github.com/django/django/commit/9c6a5bde24240382807d13bc3748d08444709355
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9c6a5bde24240382807d13bc3748d08444709355
32
reference_url https://github.com/django/django/commit/f997037b235f6b5c9e7c4a501491ec45f3400f3d
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f997037b235f6b5c9e7c4a501491ec45f3400f3d
33
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-104.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-104.yaml
34
reference_url https://www.djangoproject.com/weblog/2025/dec/02/security-releases
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/dec/02/security-releases
35
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788
reference_id 1121788
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418372
reference_id 2418372
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418372
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-13372
reference_id CVE-2025-13372
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-13372
38
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T15:43:29Z/
url https://groups.google.com/g/django-announce
39
reference_url https://github.com/advisories/GHSA-rqw2-ghq9-44m7
reference_id GHSA-rqw2-ghq9-44m7
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rqw2-ghq9-44m7
40
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T15:43:29Z/
url https://docs.djangoproject.com/en/dev/releases/security/
41
reference_url https://www.djangoproject.com/weblog/2025/dec/02/security-releases/
reference_id security-releases
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T15:43:29Z/
url https://www.djangoproject.com/weblog/2025/dec/02/security-releases/
42
reference_url https://usn.ubuntu.com/7903-1/
reference_id USN-7903-1
reference_type
scores
url https://usn.ubuntu.com/7903-1/
fixed_packages
0
url pkg:pypi/django@4.2.27
purl pkg:pypi/django@4.2.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dh5p-grha-r7a2
3
vulnerability VCID-dqpz-q718-pkas
4
vulnerability VCID-e331-cbgc-hubm
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-pn2d-2euz-pudt
8
vulnerability VCID-q3sw-jd7p-1yg1
9
vulnerability VCID-r3dj-t213-jyhh
10
vulnerability VCID-sbwy-buwj-gkd2
11
vulnerability VCID-zr7g-1xkm-fqdw
12
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.27
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.1.15
purl pkg:pypi/django@5.1.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.15
3
url pkg:pypi/django@5.2.9
purl pkg:pypi/django@5.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-8tz7-vjwz-rycs
5
vulnerability VCID-dh5p-grha-r7a2
6
vulnerability VCID-dqpz-q718-pkas
7
vulnerability VCID-e331-cbgc-hubm
8
vulnerability VCID-h5qf-zbcz-qygg
9
vulnerability VCID-hb8n-gwz6-9yd9
10
vulnerability VCID-jdjc-ygtk-c7hv
11
vulnerability VCID-m4mg-yd86-dyfw
12
vulnerability VCID-n915-wj16-wka6
13
vulnerability VCID-pn2d-2euz-pudt
14
vulnerability VCID-q3sw-jd7p-1yg1
15
vulnerability VCID-r3dj-t213-jyhh
16
vulnerability VCID-sbwy-buwj-gkd2
17
vulnerability VCID-tvk1-4am9-f3cf
18
vulnerability VCID-z7sj-r61n-qbcd
19
vulnerability VCID-zr7g-1xkm-fqdw
20
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.9
4
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-13372, CVE-2025-13372, GHSA-rqw2-ghq9-44m7, PYSEC-2025-104
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81b9-uqyv-kkhm
4
url VCID-dh5p-grha-r7a2
vulnerability_id VCID-dh5p-grha-r7a2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25673.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25673.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25673
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47452
published_at 2026-06-14T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47315
published_at 2026-06-11T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47471
published_at 2026-06-13T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47456
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25673
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://www.djangoproject.com/weblog/2026/mar/03/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/mar/03/security-releases
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2444115
reference_id 2444115
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2444115
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25673
reference_id CVE-2026-25673
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25673
8
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-03T15:25:53Z/
url https://groups.google.com/g/django-announce
9
reference_url https://github.com/advisories/GHSA-8p8v-wh79-9r56
reference_id GHSA-8p8v-wh79-9r56
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8p8v-wh79-9r56
10
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-03T15:25:53Z/
url https://docs.djangoproject.com/en/dev/releases/security/
11
reference_url https://www.djangoproject.com/weblog/2026/mar/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-03T15:25:53Z/
url https://www.djangoproject.com/weblog/2026/mar/03/security-releases/
fixed_packages
0
url pkg:pypi/django@4.2.29
purl pkg:pypi/django@4.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jdjc-ygtk-c7hv
1
vulnerability VCID-q3sw-jd7p-1yg1
2
vulnerability VCID-r3dj-t213-jyhh
3
vulnerability VCID-zr7g-1xkm-fqdw
4
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.29
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.12
purl pkg:pypi/django@5.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-jdjc-ygtk-c7hv
5
vulnerability VCID-m4mg-yd86-dyfw
6
vulnerability VCID-n915-wj16-wka6
7
vulnerability VCID-q3sw-jd7p-1yg1
8
vulnerability VCID-r3dj-t213-jyhh
9
vulnerability VCID-tvk1-4am9-f3cf
10
vulnerability VCID-z7sj-r61n-qbcd
11
vulnerability VCID-zr7g-1xkm-fqdw
12
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.12
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
4
url pkg:pypi/django@6.0.3
purl pkg:pypi/django@6.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-jdjc-ygtk-c7hv
5
vulnerability VCID-m4mg-yd86-dyfw
6
vulnerability VCID-n915-wj16-wka6
7
vulnerability VCID-q3sw-jd7p-1yg1
8
vulnerability VCID-r3dj-t213-jyhh
9
vulnerability VCID-tvk1-4am9-f3cf
10
vulnerability VCID-z7sj-r61n-qbcd
11
vulnerability VCID-zr7g-1xkm-fqdw
12
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.3
aliases CVE-2026-25673, GHSA-8p8v-wh79-9r56
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5p-grha-r7a2
5
url VCID-dqpz-q718-pkas
vulnerability_id VCID-dqpz-q718-pkas
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1287.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1287.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1287
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02025
published_at 2026-06-14T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02016
published_at 2026-06-13T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02013
published_at 2026-06-11T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02017
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1287
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1287
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/e891a84c7ef9962bfcc3b4685690219542f86a22
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/e891a84c7ef9962bfcc3b4685690219542f86a22
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-46.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-46.yaml
8
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
reference_id 1126914
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436339
reference_id 2436339
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436339
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1287
reference_id CVE-2026-1287
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1287
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:26:40Z/
url https://groups.google.com/g/django-announce
13
reference_url https://github.com/advisories/GHSA-gvg8-93h5-g6qq
reference_id GHSA-gvg8-93h5-g6qq
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gvg8-93h5-g6qq
14
reference_url https://access.redhat.com/errata/RHSA-2026:14835
reference_id RHSA-2026:14835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14835
15
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
16
reference_url https://access.redhat.com/errata/RHSA-2026:3958
reference_id RHSA-2026:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3958
17
reference_url https://access.redhat.com/errata/RHSA-2026:3959
reference_id RHSA-2026:3959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3959
18
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
19
reference_url https://access.redhat.com/errata/RHSA-2026:3962
reference_id RHSA-2026:3962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3962
20
reference_url https://access.redhat.com/errata/RHSA-2026:5970
reference_id RHSA-2026:5970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5970
21
reference_url https://access.redhat.com/errata/RHSA-2026:5971
reference_id RHSA-2026:5971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5971
22
reference_url https://access.redhat.com/errata/RHSA-2026:6291
reference_id RHSA-2026:6291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6291
23
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:26:40Z/
url https://docs.djangoproject.com/en/dev/releases/security/
24
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:26:40Z/
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
25
reference_url https://usn.ubuntu.com/8009-1/
reference_id USN-8009-1
reference_type
scores
url https://usn.ubuntu.com/8009-1/
fixed_packages
0
url pkg:pypi/django@4.2.28
purl pkg:pypi/django@4.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dh5p-grha-r7a2
1
vulnerability VCID-hb8n-gwz6-9yd9
2
vulnerability VCID-jdjc-ygtk-c7hv
3
vulnerability VCID-q3sw-jd7p-1yg1
4
vulnerability VCID-r3dj-t213-jyhh
5
vulnerability VCID-zr7g-1xkm-fqdw
6
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.28
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.11
purl pkg:pypi/django@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.11
3
url pkg:pypi/django@6.0.2
purl pkg:pypi/django@6.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.2
aliases BIT-django-2026-1287, CVE-2026-1287, GHSA-gvg8-93h5-g6qq, PYSEC-2026-46
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqpz-q718-pkas
6
url VCID-e331-cbgc-hubm
vulnerability_id VCID-e331-cbgc-hubm
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13473.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13473.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-13473
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11698
published_at 2026-06-13T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11675
published_at 2026-06-14T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11625
published_at 2026-06-11T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11704
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-13473
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13473
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-42.yaml
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-42.yaml
7
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
reference_id 1126914
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436343
reference_id 2436343
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436343
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-13473
reference_id CVE-2025-13473
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-13473
11
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:19:11Z/
url https://groups.google.com/g/django-announce
12
reference_url https://github.com/advisories/GHSA-2mcm-79hx-8fxw
reference_id GHSA-2mcm-79hx-8fxw
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2mcm-79hx-8fxw
13
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:19:11Z/
url https://docs.djangoproject.com/en/dev/releases/security/
14
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:19:11Z/
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
15
reference_url https://usn.ubuntu.com/8009-1/
reference_id USN-8009-1
reference_type
scores
url https://usn.ubuntu.com/8009-1/
fixed_packages
0
url pkg:pypi/django@4.2.28
purl pkg:pypi/django@4.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dh5p-grha-r7a2
1
vulnerability VCID-hb8n-gwz6-9yd9
2
vulnerability VCID-jdjc-ygtk-c7hv
3
vulnerability VCID-q3sw-jd7p-1yg1
4
vulnerability VCID-r3dj-t213-jyhh
5
vulnerability VCID-zr7g-1xkm-fqdw
6
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.28
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.11
purl pkg:pypi/django@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.11
3
url pkg:pypi/django@6.0.2
purl pkg:pypi/django@6.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.2
aliases BIT-django-2025-13473, CVE-2025-13473, GHSA-2mcm-79hx-8fxw, PYSEC-2026-42
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e331-cbgc-hubm
7
url VCID-hb8n-gwz6-9yd9
vulnerability_id VCID-hb8n-gwz6-9yd9
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25674.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25674.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25674
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01158
published_at 2026-06-11T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01167
published_at 2026-06-14T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01163
published_at 2026-06-13T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01157
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25674
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25674
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25674
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://www.djangoproject.com/weblog/2026/mar/03/security-releases
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/mar/03/security-releases
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129595
reference_id 1129595
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129595
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2444111
reference_id 2444111
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2444111
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25674
reference_id CVE-2026-25674
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25674
10
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-03T15:27:07Z/
url https://groups.google.com/g/django-announce
11
reference_url https://github.com/advisories/GHSA-mjgh-79qc-68w3
reference_id GHSA-mjgh-79qc-68w3
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mjgh-79qc-68w3
12
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-03T15:27:07Z/
url https://docs.djangoproject.com/en/dev/releases/security/
13
reference_url https://www.djangoproject.com/weblog/2026/mar/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-03T15:27:07Z/
url https://www.djangoproject.com/weblog/2026/mar/03/security-releases/
fixed_packages
0
url pkg:pypi/django@4.2.29
purl pkg:pypi/django@4.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jdjc-ygtk-c7hv
1
vulnerability VCID-q3sw-jd7p-1yg1
2
vulnerability VCID-r3dj-t213-jyhh
3
vulnerability VCID-zr7g-1xkm-fqdw
4
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.29
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.12
purl pkg:pypi/django@5.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-jdjc-ygtk-c7hv
5
vulnerability VCID-m4mg-yd86-dyfw
6
vulnerability VCID-n915-wj16-wka6
7
vulnerability VCID-q3sw-jd7p-1yg1
8
vulnerability VCID-r3dj-t213-jyhh
9
vulnerability VCID-tvk1-4am9-f3cf
10
vulnerability VCID-z7sj-r61n-qbcd
11
vulnerability VCID-zr7g-1xkm-fqdw
12
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.12
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
4
url pkg:pypi/django@6.0.3
purl pkg:pypi/django@6.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-jdjc-ygtk-c7hv
5
vulnerability VCID-m4mg-yd86-dyfw
6
vulnerability VCID-n915-wj16-wka6
7
vulnerability VCID-q3sw-jd7p-1yg1
8
vulnerability VCID-r3dj-t213-jyhh
9
vulnerability VCID-tvk1-4am9-f3cf
10
vulnerability VCID-z7sj-r61n-qbcd
11
vulnerability VCID-zr7g-1xkm-fqdw
12
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.3
aliases CVE-2026-25674, GHSA-mjgh-79qc-68w3
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hb8n-gwz6-9yd9
8
url VCID-jdjc-ygtk-c7hv
vulnerability_id VCID-jdjc-ygtk-c7hv
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4277.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4277.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4277
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06305
published_at 2026-06-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06316
published_at 2026-06-13T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06326
published_at 2026-06-12T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06604
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4277
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4277
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4277
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-pwjp-ccjc-ghwg
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pwjp-ccjc-ghwg
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-52.yaml
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-52.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-4277
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-4277
9
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
reference_id 1132927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455939
reference_id 2455939
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455939
12
reference_url https://usn.ubuntu.com/8154-1/
reference_id USN-8154-1
reference_type
scores
url https://usn.ubuntu.com/8154-1/
13
reference_url https://usn.ubuntu.com/8154-2/
reference_id USN-8154-2
reference_type
scores
url https://usn.ubuntu.com/8154-2/
fixed_packages
0
url pkg:pypi/django@4.2.30
purl pkg:pypi/django@4.2.30
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.30
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.13
purl pkg:pypi/django@5.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.13
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
4
url pkg:pypi/django@6.0.4
purl pkg:pypi/django@6.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.4
aliases BIT-django-2026-4277, CVE-2026-4277, GHSA-pwjp-ccjc-ghwg, PYSEC-2026-52
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jdjc-ygtk-c7hv
9
url VCID-pn2d-2euz-pudt
vulnerability_id VCID-pn2d-2euz-pudt
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1207.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1207.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1207
reference_id
reference_type
scores
0
value 0.06568
scoring_system epss
scoring_elements 0.91353
published_at 2026-06-11T12:55:00Z
1
value 0.06568
scoring_system epss
scoring_elements 0.91389
published_at 2026-06-14T12:55:00Z
2
value 0.06568
scoring_system epss
scoring_elements 0.91392
published_at 2026-06-13T12:55:00Z
3
value 0.06568
scoring_system epss
scoring_elements 0.91384
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1207
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1207
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1207
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/81aa5292967cd09319c45fe2c1a525ce7b6684d8
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/81aa5292967cd09319c45fe2c1a525ce7b6684d8
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-44.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-44.yaml
8
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
reference_id 1126914
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436338
reference_id 2436338
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436338
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1207
reference_id CVE-2026-1207
reference_type
scores
0
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1207
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:21:06Z/
url https://groups.google.com/g/django-announce
13
reference_url https://github.com/advisories/GHSA-mwm9-4648-f68q
reference_id GHSA-mwm9-4648-f68q
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mwm9-4648-f68q
14
reference_url https://access.redhat.com/errata/RHSA-2026:14835
reference_id RHSA-2026:14835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14835
15
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
16
reference_url https://access.redhat.com/errata/RHSA-2026:3958
reference_id RHSA-2026:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3958
17
reference_url https://access.redhat.com/errata/RHSA-2026:3959
reference_id RHSA-2026:3959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3959
18
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
19
reference_url https://access.redhat.com/errata/RHSA-2026:3962
reference_id RHSA-2026:3962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3962
20
reference_url https://access.redhat.com/errata/RHSA-2026:5970
reference_id RHSA-2026:5970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5970
21
reference_url https://access.redhat.com/errata/RHSA-2026:5971
reference_id RHSA-2026:5971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5971
22
reference_url https://access.redhat.com/errata/RHSA-2026:6291
reference_id RHSA-2026:6291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6291
23
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:21:06Z/
url https://docs.djangoproject.com/en/dev/releases/security/
24
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:21:06Z/
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
25
reference_url https://usn.ubuntu.com/8009-1/
reference_id USN-8009-1
reference_type
scores
url https://usn.ubuntu.com/8009-1/
fixed_packages
0
url pkg:pypi/django@4.2.28
purl pkg:pypi/django@4.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dh5p-grha-r7a2
1
vulnerability VCID-hb8n-gwz6-9yd9
2
vulnerability VCID-jdjc-ygtk-c7hv
3
vulnerability VCID-q3sw-jd7p-1yg1
4
vulnerability VCID-r3dj-t213-jyhh
5
vulnerability VCID-zr7g-1xkm-fqdw
6
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.28
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.11
purl pkg:pypi/django@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.11
3
url pkg:pypi/django@6.0.2
purl pkg:pypi/django@6.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.2
aliases BIT-django-2026-1207, CVE-2026-1207, GHSA-mwm9-4648-f68q, PYSEC-2026-44
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pn2d-2euz-pudt
10
url VCID-q3sw-jd7p-1yg1
vulnerability_id VCID-q3sw-jd7p-1yg1
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4292.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4292.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4292
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02563
published_at 2026-06-11T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02852
published_at 2026-06-14T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02557
published_at 2026-06-13T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02567
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4292
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4292
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4292
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-mmwr-2jhp-mc7j
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mmwr-2jhp-mc7j
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-53.yaml
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-53.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-4292
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-4292
9
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
reference_id 1132927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455941
reference_id 2455941
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455941
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T15:12:50Z/
url https://groups.google.com/g/django-announce
13
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T15:12:50Z/
url https://docs.djangoproject.com/en/dev/releases/security/
14
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
reference_id security-releases
reference_type
scores
0
value 2.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T15:12:50Z/
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
15
reference_url https://usn.ubuntu.com/8154-1/
reference_id USN-8154-1
reference_type
scores
url https://usn.ubuntu.com/8154-1/
16
reference_url https://usn.ubuntu.com/8154-2/
reference_id USN-8154-2
reference_type
scores
url https://usn.ubuntu.com/8154-2/
fixed_packages
0
url pkg:pypi/django@4.2.30
purl pkg:pypi/django@4.2.30
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.30
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.13
purl pkg:pypi/django@5.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.13
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
4
url pkg:pypi/django@6.0.4
purl pkg:pypi/django@6.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.4
aliases BIT-django-2026-4292, CVE-2026-4292, GHSA-mmwr-2jhp-mc7j, PYSEC-2026-53
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3sw-jd7p-1yg1
11
url VCID-r3dj-t213-jyhh
vulnerability_id VCID-r3dj-t213-jyhh
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33034.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33034.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33034
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10828
published_at 2026-06-13T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.1077
published_at 2026-06-11T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.11291
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33034
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33034
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33034
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-933h-hp56-hf7m
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-933h-hp56-hf7m
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-49.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-49.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33034
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33034
9
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
reference_id 1132927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455927
reference_id 2455927
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455927
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T20:43:43Z/
url https://groups.google.com/g/django-announce
13
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T20:43:43Z/
url https://docs.djangoproject.com/en/dev/releases/security/
14
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T20:43:43Z/
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
15
reference_url https://usn.ubuntu.com/8154-1/
reference_id USN-8154-1
reference_type
scores
url https://usn.ubuntu.com/8154-1/
fixed_packages
0
url pkg:pypi/django@4.2.30
purl pkg:pypi/django@4.2.30
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.30
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.13
purl pkg:pypi/django@5.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.13
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
4
url pkg:pypi/django@6.0.4
purl pkg:pypi/django@6.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.4
aliases BIT-django-2026-33034, CVE-2026-33034, GHSA-933h-hp56-hf7m, PYSEC-2026-49
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3dj-t213-jyhh
12
url VCID-sbwy-buwj-gkd2
vulnerability_id VCID-sbwy-buwj-gkd2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14550.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14550.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14550
reference_id
reference_type
scores
0
value 0.00072
scoring_system epss
scoring_elements 0.22281
published_at 2026-06-14T12:55:00Z
1
value 0.00072
scoring_system epss
scoring_elements 0.22302
published_at 2026-06-13T12:55:00Z
2
value 0.00072
scoring_system epss
scoring_elements 0.22099
published_at 2026-06-11T12:55:00Z
3
value 0.00072
scoring_system epss
scoring_elements 0.22289
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14550
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/eb22e1d6d643360e952609ef562c139a100ea4eb
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/eb22e1d6d643360e952609ef562c139a100ea4eb
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-43.yaml
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-43.yaml
7
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
reference_id 1126914
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126914
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436341
reference_id 2436341
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436341
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14550
reference_id CVE-2025-14550
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14550
11
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:27:25Z/
url https://groups.google.com/g/django-announce
12
reference_url https://github.com/advisories/GHSA-33mw-q7rj-mjwj
reference_id GHSA-33mw-q7rj-mjwj
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-33mw-q7rj-mjwj
13
reference_url https://access.redhat.com/errata/RHSA-2026:13508
reference_id RHSA-2026:13508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13508
14
reference_url https://access.redhat.com/errata/RHSA-2026:14835
reference_id RHSA-2026:14835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14835
15
reference_url https://access.redhat.com/errata/RHSA-2026:2694
reference_id RHSA-2026:2694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2694
16
reference_url https://access.redhat.com/errata/RHSA-2026:3958
reference_id RHSA-2026:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3958
17
reference_url https://access.redhat.com/errata/RHSA-2026:3959
reference_id RHSA-2026:3959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3959
18
reference_url https://access.redhat.com/errata/RHSA-2026:5970
reference_id RHSA-2026:5970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5970
19
reference_url https://access.redhat.com/errata/RHSA-2026:5971
reference_id RHSA-2026:5971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5971
20
reference_url https://access.redhat.com/errata/RHSA-2026:6291
reference_id RHSA-2026:6291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6291
21
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:27:25Z/
url https://docs.djangoproject.com/en/dev/releases/security/
22
reference_url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T16:27:25Z/
url https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
23
reference_url https://usn.ubuntu.com/8009-1/
reference_id USN-8009-1
reference_type
scores
url https://usn.ubuntu.com/8009-1/
fixed_packages
0
url pkg:pypi/django@4.2.28
purl pkg:pypi/django@4.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dh5p-grha-r7a2
1
vulnerability VCID-hb8n-gwz6-9yd9
2
vulnerability VCID-jdjc-ygtk-c7hv
3
vulnerability VCID-q3sw-jd7p-1yg1
4
vulnerability VCID-r3dj-t213-jyhh
5
vulnerability VCID-zr7g-1xkm-fqdw
6
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.28
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.11
purl pkg:pypi/django@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.11
3
url pkg:pypi/django@6.0.2
purl pkg:pypi/django@6.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-dh5p-grha-r7a2
4
vulnerability VCID-h5qf-zbcz-qygg
5
vulnerability VCID-hb8n-gwz6-9yd9
6
vulnerability VCID-jdjc-ygtk-c7hv
7
vulnerability VCID-m4mg-yd86-dyfw
8
vulnerability VCID-n915-wj16-wka6
9
vulnerability VCID-q3sw-jd7p-1yg1
10
vulnerability VCID-r3dj-t213-jyhh
11
vulnerability VCID-tvk1-4am9-f3cf
12
vulnerability VCID-z7sj-r61n-qbcd
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.2
aliases BIT-django-2025-14550, CVE-2025-14550, GHSA-33mw-q7rj-mjwj, PYSEC-2026-43
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sbwy-buwj-gkd2
13
url VCID-zr7g-1xkm-fqdw
vulnerability_id VCID-zr7g-1xkm-fqdw
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33033.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33033.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33033
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15591
published_at 2026-06-11T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.15743
published_at 2026-06-13T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.1573
published_at 2026-06-12T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.18202
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33033
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33033
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-5mf9-h53q-7mhq
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5mf9-h53q-7mhq
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-48.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-48.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33033
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33033
9
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
reference_id 1132927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455962
reference_id 2455962
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455962
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T15:21:08Z/
url https://groups.google.com/g/django-announce
13
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T15:21:08Z/
url https://docs.djangoproject.com/en/dev/releases/security/
14
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
reference_id security-releases
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T15:21:08Z/
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
15
reference_url https://usn.ubuntu.com/8154-1/
reference_id USN-8154-1
reference_type
scores
url https://usn.ubuntu.com/8154-1/
16
reference_url https://usn.ubuntu.com/8154-2/
reference_id USN-8154-2
reference_type
scores
url https://usn.ubuntu.com/8154-2/
fixed_packages
0
url pkg:pypi/django@4.2.30
purl pkg:pypi/django@4.2.30
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.30
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.13
purl pkg:pypi/django@5.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.13
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
4
url pkg:pypi/django@6.0.4
purl pkg:pypi/django@6.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.4
aliases BIT-django-2026-33033, CVE-2026-33033, GHSA-5mf9-h53q-7mhq, PYSEC-2026-48
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zr7g-1xkm-fqdw
14
url VCID-zztc-4be5-fker
vulnerability_id VCID-zztc-4be5-fker
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3902.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3902.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3902
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03924
published_at 2026-06-11T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03931
published_at 2026-06-13T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03942
published_at 2026-06-12T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04338
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3902
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3902
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-mvfq-ggxm-9mc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mvfq-ggxm-9mc5
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-51.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2026-51.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-3902
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-3902
9
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
reference_id 1132927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132927
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455935
reference_id 2455935
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455935
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:14:03Z/
url https://groups.google.com/g/django-announce
13
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:14:03Z/
url https://docs.djangoproject.com/en/dev/releases/security/
14
reference_url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:14:03Z/
url https://www.djangoproject.com/weblog/2026/apr/07/security-releases/
15
reference_url https://usn.ubuntu.com/8154-1/
reference_id USN-8154-1
reference_type
scores
url https://usn.ubuntu.com/8154-1/
fixed_packages
0
url pkg:pypi/django@4.2.30
purl pkg:pypi/django@4.2.30
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.30
1
url pkg:pypi/django@5.0a1
purl pkg:pypi/django@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-xkrz-p214-hqhp
3
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0a1
2
url pkg:pypi/django@5.2.13
purl pkg:pypi/django@5.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.13
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
4
url pkg:pypi/django@6.0.4
purl pkg:pypi/django@6.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g9h-ryet-2ffs
1
vulnerability VCID-1mp4-kq35-1ba7
2
vulnerability VCID-8tz7-vjwz-rycs
3
vulnerability VCID-h5qf-zbcz-qygg
4
vulnerability VCID-m4mg-yd86-dyfw
5
vulnerability VCID-n915-wj16-wka6
6
vulnerability VCID-tvk1-4am9-f3cf
7
vulnerability VCID-z7sj-r61n-qbcd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.4
aliases BIT-django-2026-3902, CVE-2026-3902, GHSA-mvfq-ggxm-9mc5, PYSEC-2026-51
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zztc-4be5-fker
Fixing_vulnerabilities
0
url VCID-beas-dwx6-1ffp
vulnerability_id VCID-beas-dwx6-1ffp
summary 
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the `_connector` argument.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank cyberstan for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
reference_id
reference_type
scores
0
value 0.00282
scoring_system epss
scoring_elements 0.52082
published_at 2026-06-14T12:55:00Z
1
value 0.00282
scoring_system epss
scoring_elements 0.52098
published_at 2026-06-13T12:55:00Z
2
value 0.00282
scoring_system epss
scoring_elements 0.51956
published_at 2026-06-11T12:55:00Z
3
value 0.00282
scoring_system epss
scoring_elements 0.52086
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
27
reference_url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
28
reference_url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
29
reference_url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
30
reference_url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
31
reference_url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
32
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-108.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-108.yaml
33
reference_url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
34
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
35
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
reference_id 1120139
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
reference_id 2412651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
37
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
reference_id CVE-2025-64459
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
reference_id CVE-2025-64459
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
39
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://groups.google.com/g/django-announce
40
reference_url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
reference_id GHSA-frmv-pr5f-9mcr
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
41
reference_url https://access.redhat.com/errata/RHSA-2025:23069
reference_id RHSA-2025:23069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23069
42
reference_url https://access.redhat.com/errata/RHSA-2025:23070
reference_id RHSA-2025:23070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23070
43
reference_url https://access.redhat.com/errata/RHSA-2025:23130
reference_id RHSA-2025:23130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23130
44
reference_url https://access.redhat.com/errata/RHSA-2025:23131
reference_id RHSA-2025:23131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23131
45
reference_url https://access.redhat.com/errata/RHSA-2025:23133
reference_id RHSA-2025:23133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23133
46
reference_url https://access.redhat.com/errata/RHSA-2025:23196
reference_id RHSA-2025:23196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23196
47
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
48
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://docs.djangoproject.com/en/dev/releases/security/
49
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id security-releases
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
50
reference_url https://usn.ubuntu.com/7859-1/
reference_id USN-7859-1
reference_type
scores
url https://usn.ubuntu.com/7859-1/
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-72z9-v49q-vbcc
3
vulnerability VCID-81b9-uqyv-kkhm
4
vulnerability VCID-dh5p-grha-r7a2
5
vulnerability VCID-dqpz-q718-pkas
6
vulnerability VCID-e331-cbgc-hubm
7
vulnerability VCID-hb8n-gwz6-9yd9
8
vulnerability VCID-jdjc-ygtk-c7hv
9
vulnerability VCID-pn2d-2euz-pudt
10
vulnerability VCID-q3sw-jd7p-1yg1
11
vulnerability VCID-r3dj-t213-jyhh
12
vulnerability VCID-sbwy-buwj-gkd2
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72z9-v49q-vbcc
1
vulnerability VCID-81b9-uqyv-kkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-72z9-v49q-vbcc
5
vulnerability VCID-81b9-uqyv-kkhm
6
vulnerability VCID-8tz7-vjwz-rycs
7
vulnerability VCID-dh5p-grha-r7a2
8
vulnerability VCID-dqpz-q718-pkas
9
vulnerability VCID-e331-cbgc-hubm
10
vulnerability VCID-h5qf-zbcz-qygg
11
vulnerability VCID-hb8n-gwz6-9yd9
12
vulnerability VCID-jdjc-ygtk-c7hv
13
vulnerability VCID-m4mg-yd86-dyfw
14
vulnerability VCID-n915-wj16-wka6
15
vulnerability VCID-pn2d-2euz-pudt
16
vulnerability VCID-q3sw-jd7p-1yg1
17
vulnerability VCID-r3dj-t213-jyhh
18
vulnerability VCID-sbwy-buwj-gkd2
19
vulnerability VCID-tvk1-4am9-f3cf
20
vulnerability VCID-z7sj-r61n-qbcd
21
vulnerability VCID-zr7g-1xkm-fqdw
22
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-64459, CVE-2025-64459, GHSA-frmv-pr5f-9mcr, PYSEC-2025-108
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-beas-dwx6-1ffp
1
url VCID-xkrz-p214-hqhp
vulnerability_id VCID-xkrz-p214-hqhp
summary 
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
NFKC normalization in Python is slow on Windows. As a consequence, `django.http.HttpResponseRedirect`, `django.http.HttpResponsePermanentRedirect`, and the shortcut `django.shortcuts.redirect`  were subject to a potential  denial-of-service attack via certain inputs with a very large number of Unicode characters.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank Seokchan Yoon for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07348
published_at 2026-06-14T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0735
published_at 2026-06-13T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07314
published_at 2026-06-11T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07356
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
4
reference_url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
5
reference_url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
6
reference_url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
7
reference_url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-107.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-107.yaml
9
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
reference_id 2412649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
reference_id CVE-2025-64458
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://groups.google.com/g/django-announce
13
reference_url https://github.com/advisories/GHSA-qw25-v68c-qjf3
reference_id GHSA-qw25-v68c-qjf3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw25-v68c-qjf3
14
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://docs.djangoproject.com/en/dev/releases/security/
15
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-72z9-v49q-vbcc
3
vulnerability VCID-81b9-uqyv-kkhm
4
vulnerability VCID-dh5p-grha-r7a2
5
vulnerability VCID-dqpz-q718-pkas
6
vulnerability VCID-e331-cbgc-hubm
7
vulnerability VCID-hb8n-gwz6-9yd9
8
vulnerability VCID-jdjc-ygtk-c7hv
9
vulnerability VCID-pn2d-2euz-pudt
10
vulnerability VCID-q3sw-jd7p-1yg1
11
vulnerability VCID-r3dj-t213-jyhh
12
vulnerability VCID-sbwy-buwj-gkd2
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72z9-v49q-vbcc
1
vulnerability VCID-81b9-uqyv-kkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-72z9-v49q-vbcc
5
vulnerability VCID-81b9-uqyv-kkhm
6
vulnerability VCID-8tz7-vjwz-rycs
7
vulnerability VCID-dh5p-grha-r7a2
8
vulnerability VCID-dqpz-q718-pkas
9
vulnerability VCID-e331-cbgc-hubm
10
vulnerability VCID-h5qf-zbcz-qygg
11
vulnerability VCID-hb8n-gwz6-9yd9
12
vulnerability VCID-jdjc-ygtk-c7hv
13
vulnerability VCID-m4mg-yd86-dyfw
14
vulnerability VCID-n915-wj16-wka6
15
vulnerability VCID-pn2d-2euz-pudt
16
vulnerability VCID-q3sw-jd7p-1yg1
17
vulnerability VCID-r3dj-t213-jyhh
18
vulnerability VCID-sbwy-buwj-gkd2
19
vulnerability VCID-tvk1-4am9-f3cf
20
vulnerability VCID-z7sj-r61n-qbcd
21
vulnerability VCID-zr7g-1xkm-fqdw
22
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-64458, CVE-2025-64458, GHSA-qw25-v68c-qjf3, PYSEC-2025-107
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkrz-p214-hqhp
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26