Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-fugr-ve7z-efdb
Summarybusybox: BusyBox: Arbitrary file overwrite and potential code execution via incomplete path sanitization
Aliases
0
alias CVE-2026-26157
Fixed_packages
0
url pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1
purl pkg:deb/debian/busybox@1:1.35.0-4%2Bdeb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%252Bdeb12u1
1
url pkg:deb/debian/busybox@1:1.37.0-10.1
purl pkg:deb/debian/busybox@1:1.37.0-10.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1
2
url pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie
purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8844-hdkd-yyc7
1
vulnerability VCID-8r73-bpac-dubc
2
vulnerability VCID-92nk-cwc9-rkg4
3
vulnerability VCID-fugr-ve7z-efdb
4
vulnerability VCID-g5t1-3tab-uuf9
5
vulnerability VCID-jjqh-pw7r-buau
6
vulnerability VCID-n1u3-njfx-vfcp
7
vulnerability VCID-rp81-5jrg-jkht
8
vulnerability VCID-svyb-nqje-dbcs
9
vulnerability VCID-syfd-zx16-n3gy
10
vulnerability VCID-t62w-rrsb-vqgy
11
vulnerability VCID-vjyq-6k64-7fat
12
vulnerability VCID-xjbx-z3d5-5bad
13
vulnerability VCID-ytff-pgz4-tub2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie
1
url pkg:deb/debian/busybox@1:1.30.1-6
purl pkg:deb/debian/busybox@1:1.30.1-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4muk-rhx5-yqeu
1
vulnerability VCID-4qpt-mxfy-6bh6
2
vulnerability VCID-8844-hdkd-yyc7
3
vulnerability VCID-8r73-bpac-dubc
4
vulnerability VCID-92nk-cwc9-rkg4
5
vulnerability VCID-9fex-zr2n-w3cb
6
vulnerability VCID-9s28-b1gj-uqaj
7
vulnerability VCID-dse8-esmh-3ygm
8
vulnerability VCID-fugr-ve7z-efdb
9
vulnerability VCID-g5t1-3tab-uuf9
10
vulnerability VCID-gdfa-8gar-47gd
11
vulnerability VCID-jjqh-pw7r-buau
12
vulnerability VCID-jjxj-yf1x-4qg5
13
vulnerability VCID-mdmz-hjvu-hke3
14
vulnerability VCID-n1u3-njfx-vfcp
15
vulnerability VCID-r12h-q1dj-a7b8
16
vulnerability VCID-rp81-5jrg-jkht
17
vulnerability VCID-svyb-nqje-dbcs
18
vulnerability VCID-syfd-zx16-n3gy
19
vulnerability VCID-t62w-rrsb-vqgy
20
vulnerability VCID-tkat-gfks-kqg9
21
vulnerability VCID-v6td-yjyg-rub4
22
vulnerability VCID-vjyq-6k64-7fat
23
vulnerability VCID-vpmv-afzs-tffj
24
vulnerability VCID-xjbx-z3d5-5bad
25
vulnerability VCID-y9hd-5med-67c4
26
vulnerability VCID-ytff-pgz4-tub2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6
2
url pkg:deb/debian/busybox@1:1.35.0-4
purl pkg:deb/debian/busybox@1:1.35.0-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8844-hdkd-yyc7
1
vulnerability VCID-9s28-b1gj-uqaj
2
vulnerability VCID-fugr-ve7z-efdb
3
vulnerability VCID-g5t1-3tab-uuf9
4
vulnerability VCID-jjqh-pw7r-buau
5
vulnerability VCID-n1u3-njfx-vfcp
6
vulnerability VCID-syfd-zx16-n3gy
7
vulnerability VCID-t62w-rrsb-vqgy
8
vulnerability VCID-v6td-yjyg-rub4
9
vulnerability VCID-xjbx-z3d5-5bad
10
vulnerability VCID-y9hd-5med-67c4
11
vulnerability VCID-ytff-pgz4-tub2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4
3
url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie
purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8844-hdkd-yyc7
1
vulnerability VCID-9s28-b1gj-uqaj
2
vulnerability VCID-fugr-ve7z-efdb
3
vulnerability VCID-g5t1-3tab-uuf9
4
vulnerability VCID-jjqh-pw7r-buau
5
vulnerability VCID-n1u3-njfx-vfcp
6
vulnerability VCID-syfd-zx16-n3gy
7
vulnerability VCID-t62w-rrsb-vqgy
8
vulnerability VCID-v6td-yjyg-rub4
9
vulnerability VCID-xjbx-z3d5-5bad
10
vulnerability VCID-y9hd-5med-67c4
11
vulnerability VCID-ytff-pgz4-tub2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie
4
url pkg:deb/debian/busybox@1:1.37.0-6
purl pkg:deb/debian/busybox@1:1.37.0-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8844-hdkd-yyc7
1
vulnerability VCID-fugr-ve7z-efdb
2
vulnerability VCID-g5t1-3tab-uuf9
3
vulnerability VCID-jjqh-pw7r-buau
4
vulnerability VCID-n1u3-njfx-vfcp
5
vulnerability VCID-t62w-rrsb-vqgy
6
vulnerability VCID-ytff-pgz4-tub2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6
5
url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie
purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8844-hdkd-yyc7
1
vulnerability VCID-fugr-ve7z-efdb
2
vulnerability VCID-g5t1-3tab-uuf9
3
vulnerability VCID-jjqh-pw7r-buau
4
vulnerability VCID-n1u3-njfx-vfcp
5
vulnerability VCID-t62w-rrsb-vqgy
6
vulnerability VCID-ytff-pgz4-tub2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26157.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26157.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26157
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00275
published_at 2026-04-16T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00296
published_at 2026-04-02T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00293
published_at 2026-04-04T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00285
published_at 2026-04-07T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.00283
published_at 2026-04-08T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00282
published_at 2026-04-11T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.00279
published_at 2026-04-12T12:55:00Z
7
value 6e-05
scoring_system epss
scoring_elements 0.00278
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26157
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26157
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26157
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127782
reference_id 1127782
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127782
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439039
reference_id 2439039
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-11T20:50:59Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:24Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2439039
6
reference_url https://git.busybox.net/busybox/commit/archival?id=3fb6b31c716669e12f75a2accd31bb7685b1a1cb
reference_id archival?id=3fb6b31c716669e12f75a2accd31bb7685b1a1cb
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:24Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-11T20:50:59Z/
url https://git.busybox.net/busybox/commit/archival?id=3fb6b31c716669e12f75a2accd31bb7685b1a1cb
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id cpe:/a:redhat:hummingbird:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
9
reference_url https://access.redhat.com/security/cve/CVE-2026-26157
reference_id CVE-2026-26157
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:24Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-11T20:50:59Z/
url https://access.redhat.com/security/cve/CVE-2026-26157
Weaknesses
0
cwe_id 73
name External Control of File Name or Path
description The product allows user input to control or influence paths or file names that are used in filesystem operations.
Exploits
Severity_range_score7.0 - 7.0
Exploitability0.5
Weighted_severity6.3
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-fugr-ve7z-efdb