Lookup for vulnerable packages by Package URL.
| Purl | pkg:deb/debian/znuny@6.5.13-1?distro=trixie |
|---|
| Type | deb |
|---|
| Namespace | debian |
|---|
| Name | znuny |
|---|
| Version | 6.5.13-1 |
|---|
| Qualifiers |
|
|---|
| Subpath | |
|---|
| Is_vulnerable | false |
|---|
| Next_non_vulnerable_version | 6.5.16-1 |
|---|
| Latest_non_vulnerable_version | 6.5.19-1 |
|---|
| Affected_by_vulnerabilities |
|
|---|
| Fixing_vulnerabilities |
| 0 |
| url |
VCID-1mkr-c1ay-jygw |
| vulnerability_id |
VCID-1mkr-c1ay-jygw |
| summary |
An issue was discovered in Znuny through 7.1.3. A cookie is set without the HttpOnly flag. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26844 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58634 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58619 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58652 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58657 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58592 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58613 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58583 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58635 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58641 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58658 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00366 |
| scoring_system |
epss |
| scoring_elements |
0.58639 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26844 |
|
| 1 |
| reference_url |
https://www.znuny.com |
| reference_id |
www.znuny.com |
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:48:53Z/ |
|
|
| url |
https://www.znuny.com |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-26844
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1mkr-c1ay-jygw |
|
| 1 |
| url |
VCID-cqx8-tegf-pfhh |
| vulnerability_id |
VCID-cqx8-tegf-pfhh |
| summary |
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26842 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52207 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52225 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.5212 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52147 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52112 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52166 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52162 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52213 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52196 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52182 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00287 |
| scoring_system |
epss |
| scoring_elements |
0.52222 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26842 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-26842
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cqx8-tegf-pfhh |
|
| 2 |
| url |
VCID-s8fu-wpk4-3ycc |
| vulnerability_id |
VCID-s8fu-wpk4-3ycc |
| summary |
An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using the Generic Interface to update ticket metadata. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26846 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.61011 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.60982 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.60963 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.61005 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.60916 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.60945 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.6091 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.60959 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.60975 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00404 |
| scoring_system |
epss |
| scoring_elements |
0.60997 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26846 |
|
| 1 |
| reference_url |
https://www.znuny.com |
| reference_id |
www.znuny.com |
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-12T21:50:36Z/ |
|
|
| url |
https://www.znuny.com |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-26846
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s8fu-wpk4-3ycc |
|
| 3 |
| url |
VCID-yrdb-btgm-p3cd |
| vulnerability_id |
VCID-yrdb-btgm-p3cd |
| summary |
An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26845 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61359 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61336 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61374 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61379 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61289 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61318 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61286 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61334 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61349 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61369 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.0041 |
| scoring_system |
epss |
| scoring_elements |
0.61354 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-26845 |
|
| 1 |
| reference_url |
https://www.znuny.com |
| reference_id |
www.znuny.com |
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:45:30Z/ |
|
|
| url |
https://www.znuny.com |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-26845
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yrdb-btgm-p3cd |
|
|
|---|
| Risk_score | null |
|---|
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie |
|---|