Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-h1cb-yt3w-1kb2
Vulnerability ID VCID-h1cb-yt3w-1kb2
Aliases CVE-2022-26846
Summary security update
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.05798 https://api.first.org/data/v1/epss?cve=CVE-2022-26846
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-26846
https://blog.spip.net/Mise-a-jour-critique-de-securite-sorties-de-SPIP-4-0-5-et-SPIP-3-2-14.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26847
https://git.spip.net/spip/medias/commit/3014b845da2dd8ad15ff04b50fd9dbba388a9ca2
https://lists.debian.org/debian-lts-announce/2022/03/msg00020.html
https://lists.debian.org/debian-security-announce/2022/msg00060.html
CVE-2022-26846 https://nvd.nist.gov/vuln/detail/CVE-2022-26846
USN-5482-1 https://usn.ubuntu.com/5482-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.9064
EPSS Score 0.05798
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T13:38:19.986689+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.6.0