Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie

Type deb

Namespace debian

Name python-django

Version 3:5.2.15-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3:5.2.15-2

Latest_non_vulnerable_version 3:5.2.15-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1g9h-ryet-2ffs

vulnerability_id VCID-1g9h-ryet-2ffs

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35193.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35193.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-35193

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12556
published_at	2026-06-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12635
published_at	2026-06-14T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12656
published_at	2026-06-13T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12649
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-35193

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35193
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35193

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775
reference_id	1138775
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2484374
reference_id	2484374
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2484374

reference_url

https://groups.google.com/g/django-announce

reference_id

django-announce

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:47:08Z/

url

https://groups.google.com/g/django-announce

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

security

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:47:08Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

reference_id

security-releases

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:47:08Z/

url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

fixed_packages

url	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-1%3Fdistro=trixie

url	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-2%3Fdistro=trixie

aliases BIT-django-2026-35193, CVE-2026-35193, PYSEC-2026-197

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1g9h-ryet-2ffs

url VCID-1mp4-kq35-1ba7

vulnerability_id VCID-1mp4-kq35-1ba7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48587.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-48587.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-48587

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12556
published_at	2026-06-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12635
published_at	2026-06-14T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12656
published_at	2026-06-13T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12649
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-48587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48587

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775
reference_id	1138775
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2484372
reference_id	2484372
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2484372

reference_url

https://groups.google.com/g/django-announce

reference_id

django-announce

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:47:33Z/

url

https://groups.google.com/g/django-announce

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

security

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:47:33Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

reference_id

security-releases

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:47:33Z/

url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

fixed_packages

url	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-1%3Fdistro=trixie

url	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-2%3Fdistro=trixie

aliases BIT-django-2026-48587, CVE-2026-48587, PYSEC-2026-198

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1mp4-kq35-1ba7

url VCID-h5qf-zbcz-qygg

vulnerability_id VCID-h5qf-zbcz-qygg

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8404.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8404.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-8404

reference_id

reference_type

scores

value	0.00041
scoring_system	epss
scoring_elements	0.12784
published_at	2026-06-11T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12871
published_at	2026-06-14T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12889
published_at	2026-06-13T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12879
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-8404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8404

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775
reference_id	1138775
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2484370
reference_id	2484370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2484370

reference_url

https://groups.google.com/g/django-announce

reference_id

django-announce

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:46:33Z/

url

https://groups.google.com/g/django-announce

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

security

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:46:33Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

reference_id

security-releases

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:46:33Z/

url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

fixed_packages

url	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-1%3Fdistro=trixie

url	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-2%3Fdistro=trixie

aliases BIT-django-2026-8404, CVE-2026-8404, PYSEC-2026-201

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5qf-zbcz-qygg

url VCID-m4mg-yd86-dyfw

vulnerability_id VCID-m4mg-yd86-dyfw

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7666.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7666.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-7666

reference_id

reference_type

scores

value	0.00013
scoring_system	epss
scoring_elements	0.02107
published_at	2026-06-13T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02117
published_at	2026-06-14T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.0211
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-7666

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7666
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7666

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775
reference_id	1138775
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2484369
reference_id	2484369
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2484369

reference_url

https://groups.google.com/g/django-announce

reference_id

django-announce

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:43:26Z/

url

https://groups.google.com/g/django-announce

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

security

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:43:26Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

reference_id

security-releases

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:43:26Z/

url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

fixed_packages

url	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-1%3Fdistro=trixie

url	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-2%3Fdistro=trixie

aliases BIT-django-2026-7666, CVE-2026-7666, PYSEC-2026-200

risk_score 1.9

exploitability 0.5

weighted_severity 3.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4mg-yd86-dyfw

url VCID-n915-wj16-wka6

vulnerability_id VCID-n915-wj16-wka6

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6873.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6873.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6873

reference_id

reference_type

scores

value	9e-05
scoring_system	epss
scoring_elements	0.00927
published_at	2026-06-11T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00934
published_at	2026-06-14T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0093
published_at	2026-06-13T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00924
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6873

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775
reference_id	1138775
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138775

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2484373
reference_id	2484373
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2484373

reference_url

https://groups.google.com/g/django-announce

reference_id

django-announce

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:43:52Z/

url

https://groups.google.com/g/django-announce

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

security

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:43:52Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

reference_id

security-releases

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-03T15:43:52Z/

url

https://www.djangoproject.com/weblog/2026/jun/03/security-releases/

fixed_packages

url	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-1%3Fdistro=trixie

url	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
purl	pkg:deb/debian/python-django@3:5.2.15-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-2%3Fdistro=trixie

aliases BIT-django-2026-6873, CVE-2026-6873, PYSEC-2026-199

risk_score 1.7

exploitability 0.5

weighted_severity 3.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n915-wj16-wka6

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.15-1%3Fdistro=trixie

Package Instance