Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
Typeapk
Namespacealpine
Namerclone
Version1.73.5-r0
Qualifiers
arch x86_64
distroversion edge
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-245f-jhkn-w3ck
vulnerability_id VCID-245f-jhkn-w3ck
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32281
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04457
published_at 2026-04-18T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04696
published_at 2026-04-29T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.0467
published_at 2026-04-26T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04636
published_at 2026-04-24T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04595
published_at 2026-04-21T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04693
published_at 2026-05-05T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05503
published_at 2026-04-16T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.0045
published_at 2026-04-09T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00451
published_at 2026-04-11T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00447
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32281
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456333
reference_id 2456333
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456333
6
reference_url https://go.dev/cl/758061
reference_id 758061
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/
url https://go.dev/cl/758061
7
reference_url https://go.dev/issue/78281
reference_id 78281
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/
url https://go.dev/issue/78281
8
reference_url https://pkg.go.dev/vuln/GO-2026-4946
reference_id GO-2026-4946
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/
url https://pkg.go.dev/vuln/GO-2026-4946
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-32281
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-245f-jhkn-w3ck
1
url VCID-6a6z-bq7m-c3gf
vulnerability_id VCID-6a6z-bq7m-c3gf
summary crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27138
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05245
published_at 2026-04-04T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05215
published_at 2026-04-02T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05749
published_at 2026-04-18T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05788
published_at 2026-04-08T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05813
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05792
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05784
published_at 2026-04-12T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05778
published_at 2026-04-13T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05741
published_at 2026-04-16T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05894
published_at 2026-04-21T12:55:00Z
10
value 0.00034
scoring_system epss
scoring_elements 0.09952
published_at 2026-04-24T12:55:00Z
11
value 0.00034
scoring_system epss
scoring_elements 0.09915
published_at 2026-04-26T12:55:00Z
12
value 0.00034
scoring_system epss
scoring_elements 0.09868
published_at 2026-04-29T12:55:00Z
13
value 0.00034
scoring_system epss
scoring_elements 0.0979
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27138
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445344
reference_id 2445344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445344
4
reference_url https://go.dev/cl/752183
reference_id 752183
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://go.dev/cl/752183
5
reference_url https://go.dev/issue/77953
reference_id 77953
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://go.dev/issue/77953
6
reference_url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
reference_id EdhZqrQ98hk
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
7
reference_url https://pkg.go.dev/vuln/GO-2026-4600
reference_id GO-2026-4600
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/
url https://pkg.go.dev/vuln/GO-2026-4600
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-27138
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6a6z-bq7m-c3gf
2
url VCID-6gj4-t3v3-gyhp
vulnerability_id VCID-6gj4-t3v3-gyhp
summary 
Denial of service in github.com/buger/jsonparser
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32285.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32285.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32285
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05903
published_at 2026-05-05T12:55:00Z
1
value 0.00052
scoring_system epss
scoring_elements 0.16264
published_at 2026-04-26T12:55:00Z
2
value 0.00052
scoring_system epss
scoring_elements 0.16269
published_at 2026-04-24T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.17069
published_at 2026-04-13T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.17129
published_at 2026-04-12T12:55:00Z
5
value 0.00054
scoring_system epss
scoring_elements 0.17176
published_at 2026-04-11T12:55:00Z
6
value 0.00054
scoring_system epss
scoring_elements 0.17201
published_at 2026-04-09T12:55:00Z
7
value 0.00054
scoring_system epss
scoring_elements 0.17144
published_at 2026-04-08T12:55:00Z
8
value 0.00054
scoring_system epss
scoring_elements 0.17054
published_at 2026-04-07T12:55:00Z
9
value 0.00054
scoring_system epss
scoring_elements 0.17273
published_at 2026-04-04T12:55:00Z
10
value 0.00054
scoring_system epss
scoring_elements 0.17223
published_at 2026-04-02T12:55:00Z
11
value 0.00054
scoring_system epss
scoring_elements 0.17045
published_at 2026-04-21T12:55:00Z
12
value 0.00054
scoring_system epss
scoring_elements 0.17009
published_at 2026-04-18T12:55:00Z
13
value 0.00054
scoring_system epss
scoring_elements 0.17005
published_at 2026-04-16T12:55:00Z
14
value 0.00057
scoring_system epss
scoring_elements 0.1769
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32285
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32285
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/buger/jsonparser
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/buger/jsonparser
5
reference_url https://github.com/buger/jsonparser/commit/a69e7e01cd4ad67bdfd3ac2c080b9212af16f4b0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/buger/jsonparser/commit/a69e7e01cd4ad67bdfd3ac2c080b9212af16f4b0
6
reference_url https://github.com/buger/jsonparser/issues/275
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T14:05:55Z/
url https://github.com/buger/jsonparser/issues/275
7
reference_url https://github.com/buger/jsonparser/pull/276
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/buger/jsonparser/pull/276
8
reference_url https://github.com/buger/jsonparser/releases/tag/v1.1.2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/buger/jsonparser/releases/tag/v1.1.2
9
reference_url https://github.com/golang/vulndb/issues/4514
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T14:05:55Z/
url https://github.com/golang/vulndb/issues/4514
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32285
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32285
11
reference_url https://pkg.go.dev/vuln/GO-2026-4514
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T14:05:55Z/
url https://pkg.go.dev/vuln/GO-2026-4514
12
reference_url https://securityinfinity.com/research/buger-jsonparser-negative-slice-panic-dos-2026
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://securityinfinity.com/research/buger-jsonparser-negative-slice-panic-dos-2026
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451846
reference_id 2451846
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451846
14
reference_url https://access.redhat.com/errata/RHSA-2026:13548
reference_id RHSA-2026:13548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13548
15
reference_url https://access.redhat.com/errata/RHSA-2026:7191
reference_id RHSA-2026:7191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7191
16
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-32285, GHSA-6g7g-w4f8-9c9x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6gj4-t3v3-gyhp
3
url VCID-82wq-13vf-ufb2
vulnerability_id VCID-82wq-13vf-ufb2
summary 
CIRCL has an incorrect calculation in secp384r1 CombinedMult
The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas.
ECDH and ECDSA signing relying on this curve are not affected.

The bug was fixed in **[v1.6.3](https://github.com/cloudflare/circl/releases/tag/v1.6.3)**.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1229
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-08T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06053
published_at 2026-04-29T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-26T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.06011
published_at 2026-04-24T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05981
published_at 2026-04-21T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05829
published_at 2026-04-18T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05819
published_at 2026-04-16T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05854
published_at 2026-04-13T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05862
published_at 2026-04-12T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05871
published_at 2026-04-11T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05796
published_at 2026-04-02T12:55:00Z
11
value 0.00022
scoring_system epss
scoring_elements 0.05889
published_at 2026-04-09T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.05831
published_at 2026-04-04T12:55:00Z
13
value 0.00022
scoring_system epss
scoring_elements 0.05825
published_at 2026-04-07T12:55:00Z
14
value 0.00023
scoring_system epss
scoring_elements 0.06305
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1229
1
reference_url https://github.com/cloudflare/circl
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T15:04:09Z/
url https://github.com/cloudflare/circl
2
reference_url https://github.com/cloudflare/circl/pull/583
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/circl/pull/583
3
reference_url https://github.com/cloudflare/circl/releases/tag/v1.6.3
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/circl/releases/tag/v1.6.3
4
reference_url https://github.com/cloudflare/circl/security/advisories/GHSA-q9hv-hpm4-hj6x
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/cloudflare/circl/security/advisories/GHSA-q9hv-hpm4-hj6x
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1229
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1229
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-1229, GHSA-q9hv-hpm4-hj6x
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-82wq-13vf-ufb2
4
url VCID-8s5d-1byz-8fhz
vulnerability_id VCID-8s5d-1byz-8fhz
summary html/template: URLs in meta content attribute actions are not escaped in html/template
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27142
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01258
published_at 2026-04-02T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01426
published_at 2026-05-05T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01263
published_at 2026-04-04T12:55:00Z
3
value 0.00011
scoring_system epss
scoring_elements 0.01424
published_at 2026-04-24T12:55:00Z
4
value 0.00011
scoring_system epss
scoring_elements 0.01429
published_at 2026-04-26T12:55:00Z
5
value 0.00011
scoring_system epss
scoring_elements 0.01436
published_at 2026-04-29T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01542
published_at 2026-04-13T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01562
published_at 2026-04-09T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01551
published_at 2026-04-11T12:55:00Z
9
value 0.00012
scoring_system epss
scoring_elements 0.01545
published_at 2026-04-18T12:55:00Z
10
value 0.00012
scoring_system epss
scoring_elements 0.0153
published_at 2026-04-16T12:55:00Z
11
value 0.00012
scoring_system epss
scoring_elements 0.01552
published_at 2026-04-07T12:55:00Z
12
value 0.00012
scoring_system epss
scoring_elements 0.01555
published_at 2026-04-08T12:55:00Z
13
value 0.00015
scoring_system epss
scoring_elements 0.03399
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27142
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445351
reference_id 2445351
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445351
5
reference_url https://go.dev/cl/752081
reference_id 752081
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/
url https://go.dev/cl/752081
6
reference_url https://go.dev/issue/77954
reference_id 77954
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/
url https://go.dev/issue/77954
7
reference_url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
reference_id EdhZqrQ98hk
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/
url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
8
reference_url https://pkg.go.dev/vuln/GO-2026-4603
reference_id GO-2026-4603
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/
url https://pkg.go.dev/vuln/GO-2026-4603
9
reference_url https://access.redhat.com/errata/RHSA-2026:5192
reference_id RHSA-2026:5192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5192
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-27142
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8s5d-1byz-8fhz
5
url VCID-91yp-p6st-8ucd
vulnerability_id VCID-91yp-p6st-8ucd
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32288
reference_id
reference_type
scores
0
value 4e-05
scoring_system epss
scoring_elements 0.00172
published_at 2026-05-05T12:55:00Z
1
value 4e-05
scoring_system epss
scoring_elements 0.00171
published_at 2026-04-18T12:55:00Z
2
value 4e-05
scoring_system epss
scoring_elements 0.00173
published_at 2026-04-21T12:55:00Z
3
value 4e-05
scoring_system epss
scoring_elements 0.00175
published_at 2026-04-26T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.0029
published_at 2026-04-16T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.0062
published_at 2026-04-13T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00618
published_at 2026-04-12T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00622
published_at 2026-04-11T12:55:00Z
8
value 9e-05
scoring_system epss
scoring_elements 0.00813
published_at 2026-04-09T12:55:00Z
9
value 9e-05
scoring_system epss
scoring_elements 0.00816
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32288
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456332
reference_id 2456332
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456332
6
reference_url https://go.dev/cl/763766
reference_id 763766
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/
url https://go.dev/cl/763766
7
reference_url https://go.dev/issue/78301
reference_id 78301
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/
url https://go.dev/issue/78301
8
reference_url https://pkg.go.dev/vuln/GO-2026-4869
reference_id GO-2026-4869
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/
url https://pkg.go.dev/vuln/GO-2026-4869
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-32288
risk_score 2.2
exploitability 0.5
weighted_severity 4.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91yp-p6st-8ucd
6
url VCID-dp1t-v58b-43du
vulnerability_id VCID-dp1t-v58b-43du
summary crypto/tls: Unexpected session resumption in crypto/tls
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68121.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68121.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68121
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04012
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04026
published_at 2026-04-12T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04029
published_at 2026-04-04T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04044
published_at 2026-04-07T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04049
published_at 2026-04-08T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04068
published_at 2026-04-09T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04041
published_at 2026-04-11T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03999
published_at 2026-04-13T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04541
published_at 2026-04-26T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04583
published_at 2026-05-05T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04353
published_at 2026-04-16T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04361
published_at 2026-04-18T12:55:00Z
12
value 0.00018
scoring_system epss
scoring_elements 0.04493
published_at 2026-04-21T12:55:00Z
13
value 0.00018
scoring_system epss
scoring_elements 0.0452
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68121
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68121
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68121
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916
reference_id 1125916
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917
reference_id 1125917
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2437111
reference_id 2437111
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2437111
7
reference_url https://go.dev/cl/737700
reference_id 737700
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/
url https://go.dev/cl/737700
8
reference_url https://go.dev/issue/77217
reference_id 77217
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/
url https://go.dev/issue/77217
9
reference_url https://pkg.go.dev/vuln/GO-2026-4337
reference_id GO-2026-4337
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/
url https://pkg.go.dev/vuln/GO-2026-4337
10
reference_url https://groups.google.com/g/golang-announce/c/K09ubi9FQFk
reference_id K09ubi9FQFk
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/
url https://groups.google.com/g/golang-announce/c/K09ubi9FQFk
11
reference_url https://access.redhat.com/errata/RHSA-2026:10125
reference_id RHSA-2026:10125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10125
12
reference_url https://access.redhat.com/errata/RHSA-2026:10158
reference_id RHSA-2026:10158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10158
13
reference_url https://access.redhat.com/errata/RHSA-2026:10225
reference_id RHSA-2026:10225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10225
14
reference_url https://access.redhat.com/errata/RHSA-2026:10250
reference_id RHSA-2026:10250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10250
15
reference_url https://access.redhat.com/errata/RHSA-2026:11331
reference_id RHSA-2026:11331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11331
16
reference_url https://access.redhat.com/errata/RHSA-2026:11414
reference_id RHSA-2026:11414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11414
17
reference_url https://access.redhat.com/errata/RHSA-2026:11747
reference_id RHSA-2026:11747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11747
18
reference_url https://access.redhat.com/errata/RHSA-2026:11749
reference_id RHSA-2026:11749
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11749
19
reference_url https://access.redhat.com/errata/RHSA-2026:12028
reference_id RHSA-2026:12028
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12028
20
reference_url https://access.redhat.com/errata/RHSA-2026:12029
reference_id RHSA-2026:12029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12029
21
reference_url https://access.redhat.com/errata/RHSA-2026:12030
reference_id RHSA-2026:12030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12030
22
reference_url https://access.redhat.com/errata/RHSA-2026:12031
reference_id RHSA-2026:12031
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12031
23
reference_url https://access.redhat.com/errata/RHSA-2026:12032
reference_id RHSA-2026:12032
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12032
24
reference_url https://access.redhat.com/errata/RHSA-2026:12033
reference_id RHSA-2026:12033
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12033
25
reference_url https://access.redhat.com/errata/RHSA-2026:13542
reference_id RHSA-2026:13542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13542
26
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
27
reference_url https://access.redhat.com/errata/RHSA-2026:13571
reference_id RHSA-2026:13571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13571
28
reference_url https://access.redhat.com/errata/RHSA-2026:2706
reference_id RHSA-2026:2706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2706
29
reference_url https://access.redhat.com/errata/RHSA-2026:2708
reference_id RHSA-2026:2708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2708
30
reference_url https://access.redhat.com/errata/RHSA-2026:2709
reference_id RHSA-2026:2709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2709
31
reference_url https://access.redhat.com/errata/RHSA-2026:2914
reference_id RHSA-2026:2914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2914
32
reference_url https://access.redhat.com/errata/RHSA-2026:2920
reference_id RHSA-2026:2920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2920
33
reference_url https://access.redhat.com/errata/RHSA-2026:3035
reference_id RHSA-2026:3035
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3035
34
reference_url https://access.redhat.com/errata/RHSA-2026:3040
reference_id RHSA-2026:3040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3040
35
reference_url https://access.redhat.com/errata/RHSA-2026:3089
reference_id RHSA-2026:3089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3089
36
reference_url https://access.redhat.com/errata/RHSA-2026:3092
reference_id RHSA-2026:3092
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3092
37
reference_url https://access.redhat.com/errata/RHSA-2026:3186
reference_id RHSA-2026:3186
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3186
38
reference_url https://access.redhat.com/errata/RHSA-2026:3187
reference_id RHSA-2026:3187
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3187
39
reference_url https://access.redhat.com/errata/RHSA-2026:3188
reference_id RHSA-2026:3188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3188
40
reference_url https://access.redhat.com/errata/RHSA-2026:3192
reference_id RHSA-2026:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3192
41
reference_url https://access.redhat.com/errata/RHSA-2026:3193
reference_id RHSA-2026:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3193
42
reference_url https://access.redhat.com/errata/RHSA-2026:3291
reference_id RHSA-2026:3291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3291
43
reference_url https://access.redhat.com/errata/RHSA-2026:3297
reference_id RHSA-2026:3297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3297
44
reference_url https://access.redhat.com/errata/RHSA-2026:3298
reference_id RHSA-2026:3298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3298
45
reference_url https://access.redhat.com/errata/RHSA-2026:3336
reference_id RHSA-2026:3336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3336
46
reference_url https://access.redhat.com/errata/RHSA-2026:3337
reference_id RHSA-2026:3337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3337
47
reference_url https://access.redhat.com/errata/RHSA-2026:3340
reference_id RHSA-2026:3340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3340
48
reference_url https://access.redhat.com/errata/RHSA-2026:3341
reference_id RHSA-2026:3341
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3341
49
reference_url https://access.redhat.com/errata/RHSA-2026:3343
reference_id RHSA-2026:3343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3343
50
reference_url https://access.redhat.com/errata/RHSA-2026:3459
reference_id RHSA-2026:3459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3459
51
reference_url https://access.redhat.com/errata/RHSA-2026:3506
reference_id RHSA-2026:3506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3506
52
reference_url https://access.redhat.com/errata/RHSA-2026:3556
reference_id RHSA-2026:3556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3556
53
reference_url https://access.redhat.com/errata/RHSA-2026:3559
reference_id RHSA-2026:3559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3559
54
reference_url https://access.redhat.com/errata/RHSA-2026:3752
reference_id RHSA-2026:3752
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3752
55
reference_url https://access.redhat.com/errata/RHSA-2026:3753
reference_id RHSA-2026:3753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3753
56
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
57
reference_url https://access.redhat.com/errata/RHSA-2026:3816
reference_id RHSA-2026:3816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3816
58
reference_url https://access.redhat.com/errata/RHSA-2026:3817
reference_id RHSA-2026:3817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3817
59
reference_url https://access.redhat.com/errata/RHSA-2026:3831
reference_id RHSA-2026:3831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3831
60
reference_url https://access.redhat.com/errata/RHSA-2026:3833
reference_id RHSA-2026:3833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3833
61
reference_url https://access.redhat.com/errata/RHSA-2026:3839
reference_id RHSA-2026:3839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3839
62
reference_url https://access.redhat.com/errata/RHSA-2026:3840
reference_id RHSA-2026:3840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3840
63
reference_url https://access.redhat.com/errata/RHSA-2026:3842
reference_id RHSA-2026:3842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3842
64
reference_url https://access.redhat.com/errata/RHSA-2026:3843
reference_id RHSA-2026:3843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3843
65
reference_url https://access.redhat.com/errata/RHSA-2026:3855
reference_id RHSA-2026:3855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3855
66
reference_url https://access.redhat.com/errata/RHSA-2026:3864
reference_id RHSA-2026:3864
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3864
67
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
68
reference_url https://access.redhat.com/errata/RHSA-2026:3884
reference_id RHSA-2026:3884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3884
69
reference_url https://access.redhat.com/errata/RHSA-2026:3898
reference_id RHSA-2026:3898
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3898
70
reference_url https://access.redhat.com/errata/RHSA-2026:3928
reference_id RHSA-2026:3928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3928
71
reference_url https://access.redhat.com/errata/RHSA-2026:3929
reference_id RHSA-2026:3929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3929
72
reference_url https://access.redhat.com/errata/RHSA-2026:3970
reference_id RHSA-2026:3970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3970
73
reference_url https://access.redhat.com/errata/RHSA-2026:3971
reference_id RHSA-2026:3971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3971
74
reference_url https://access.redhat.com/errata/RHSA-2026:3977
reference_id RHSA-2026:3977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3977
75
reference_url https://access.redhat.com/errata/RHSA-2026:3985
reference_id RHSA-2026:3985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3985
76
reference_url https://access.redhat.com/errata/RHSA-2026:4164
reference_id RHSA-2026:4164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4164
77
reference_url https://access.redhat.com/errata/RHSA-2026:4166
reference_id RHSA-2026:4166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4166
78
reference_url https://access.redhat.com/errata/RHSA-2026:4170
reference_id RHSA-2026:4170
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4170
79
reference_url https://access.redhat.com/errata/RHSA-2026:4174
reference_id RHSA-2026:4174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4174
80
reference_url https://access.redhat.com/errata/RHSA-2026:4177
reference_id RHSA-2026:4177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4177
81
reference_url https://access.redhat.com/errata/RHSA-2026:4220
reference_id RHSA-2026:4220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4220
82
reference_url https://access.redhat.com/errata/RHSA-2026:4256
reference_id RHSA-2026:4256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4256
83
reference_url https://access.redhat.com/errata/RHSA-2026:4264
reference_id RHSA-2026:4264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4264
84
reference_url https://access.redhat.com/errata/RHSA-2026:4267
reference_id RHSA-2026:4267
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4267
85
reference_url https://access.redhat.com/errata/RHSA-2026:4270
reference_id RHSA-2026:4270
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4270
86
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
87
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
88
reference_url https://access.redhat.com/errata/RHSA-2026:4498
reference_id RHSA-2026:4498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4498
89
reference_url https://access.redhat.com/errata/RHSA-2026:4500
reference_id RHSA-2026:4500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4500
90
reference_url https://access.redhat.com/errata/RHSA-2026:4672
reference_id RHSA-2026:4672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4672
91
reference_url https://access.redhat.com/errata/RHSA-2026:4892
reference_id RHSA-2026:4892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4892
92
reference_url https://access.redhat.com/errata/RHSA-2026:4901
reference_id RHSA-2026:4901
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4901
93
reference_url https://access.redhat.com/errata/RHSA-2026:4907
reference_id RHSA-2026:4907
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4907
94
reference_url https://access.redhat.com/errata/RHSA-2026:4942
reference_id RHSA-2026:4942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4942
95
reference_url https://access.redhat.com/errata/RHSA-2026:4952
reference_id RHSA-2026:4952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4952
96
reference_url https://access.redhat.com/errata/RHSA-2026:5077
reference_id RHSA-2026:5077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5077
97
reference_url https://access.redhat.com/errata/RHSA-2026:5110
reference_id RHSA-2026:5110
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5110
98
reference_url https://access.redhat.com/errata/RHSA-2026:5129
reference_id RHSA-2026:5129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5129
99
reference_url https://access.redhat.com/errata/RHSA-2026:5130
reference_id RHSA-2026:5130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5130
100
reference_url https://access.redhat.com/errata/RHSA-2026:5131
reference_id RHSA-2026:5131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5131
101
reference_url https://access.redhat.com/errata/RHSA-2026:5132
reference_id RHSA-2026:5132
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5132
102
reference_url https://access.redhat.com/errata/RHSA-2026:5133
reference_id RHSA-2026:5133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5133
103
reference_url https://access.redhat.com/errata/RHSA-2026:5146
reference_id RHSA-2026:5146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5146
104
reference_url https://access.redhat.com/errata/RHSA-2026:5168
reference_id RHSA-2026:5168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5168
105
reference_url https://access.redhat.com/errata/RHSA-2026:5394
reference_id RHSA-2026:5394
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5394
106
reference_url https://access.redhat.com/errata/RHSA-2026:5452
reference_id RHSA-2026:5452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5452
107
reference_url https://access.redhat.com/errata/RHSA-2026:5549
reference_id RHSA-2026:5549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5549
108
reference_url https://access.redhat.com/errata/RHSA-2026:5636
reference_id RHSA-2026:5636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5636
109
reference_url https://access.redhat.com/errata/RHSA-2026:5645
reference_id RHSA-2026:5645
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5645
110
reference_url https://access.redhat.com/errata/RHSA-2026:5665
reference_id RHSA-2026:5665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5665
111
reference_url https://access.redhat.com/errata/RHSA-2026:5851
reference_id RHSA-2026:5851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5851
112
reference_url https://access.redhat.com/errata/RHSA-2026:5866
reference_id RHSA-2026:5866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5866
113
reference_url https://access.redhat.com/errata/RHSA-2026:5876
reference_id RHSA-2026:5876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5876
114
reference_url https://access.redhat.com/errata/RHSA-2026:5878
reference_id RHSA-2026:5878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5878
115
reference_url https://access.redhat.com/errata/RHSA-2026:5907
reference_id RHSA-2026:5907
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5907
116
reference_url https://access.redhat.com/errata/RHSA-2026:5948
reference_id RHSA-2026:5948
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5948
117
reference_url https://access.redhat.com/errata/RHSA-2026:5950
reference_id RHSA-2026:5950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5950
118
reference_url https://access.redhat.com/errata/RHSA-2026:5952
reference_id RHSA-2026:5952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5952
119
reference_url https://access.redhat.com/errata/RHSA-2026:6192
reference_id RHSA-2026:6192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6192
120
reference_url https://access.redhat.com/errata/RHSA-2026:6226
reference_id RHSA-2026:6226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6226
121
reference_url https://access.redhat.com/errata/RHSA-2026:6277
reference_id RHSA-2026:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6277
122
reference_url https://access.redhat.com/errata/RHSA-2026:6278
reference_id RHSA-2026:6278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6278
123
reference_url https://access.redhat.com/errata/RHSA-2026:6428
reference_id RHSA-2026:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6428
124
reference_url https://access.redhat.com/errata/RHSA-2026:6429
reference_id RHSA-2026:6429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6429
125
reference_url https://access.redhat.com/errata/RHSA-2026:6497
reference_id RHSA-2026:6497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6497
126
reference_url https://access.redhat.com/errata/RHSA-2026:6552
reference_id RHSA-2026:6552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6552
127
reference_url https://access.redhat.com/errata/RHSA-2026:6567
reference_id RHSA-2026:6567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6567
128
reference_url https://access.redhat.com/errata/RHSA-2026:6568
reference_id RHSA-2026:6568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6568
129
reference_url https://access.redhat.com/errata/RHSA-2026:7052
reference_id RHSA-2026:7052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7052
130
reference_url https://access.redhat.com/errata/RHSA-2026:7854
reference_id RHSA-2026:7854
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7854
131
reference_url https://access.redhat.com/errata/RHSA-2026:7885
reference_id RHSA-2026:7885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7885
132
reference_url https://access.redhat.com/errata/RHSA-2026:8151
reference_id RHSA-2026:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8151
133
reference_url https://access.redhat.com/errata/RHSA-2026:8167
reference_id RHSA-2026:8167
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8167
134
reference_url https://access.redhat.com/errata/RHSA-2026:8218
reference_id RHSA-2026:8218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8218
135
reference_url https://access.redhat.com/errata/RHSA-2026:8337
reference_id RHSA-2026:8337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8337
136
reference_url https://access.redhat.com/errata/RHSA-2026:8338
reference_id RHSA-2026:8338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8338
137
reference_url https://access.redhat.com/errata/RHSA-2026:8433
reference_id RHSA-2026:8433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8433
138
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
139
reference_url https://access.redhat.com/errata/RHSA-2026:9097
reference_id RHSA-2026:9097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9097
140
reference_url https://access.redhat.com/errata/RHSA-2026:9098
reference_id RHSA-2026:9098
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9098
141
reference_url https://access.redhat.com/errata/RHSA-2026:9108
reference_id RHSA-2026:9108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9108
142
reference_url https://access.redhat.com/errata/RHSA-2026:9109
reference_id RHSA-2026:9109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9109
143
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
144
reference_url https://access.redhat.com/errata/RHSA-2026:9848
reference_id RHSA-2026:9848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9848
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2025-68121
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dp1t-v58b-43du
7
url VCID-gtys-5r5h-p7ht
vulnerability_id VCID-gtys-5r5h-p7ht
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33810
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01216
published_at 2026-04-16T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.014
published_at 2026-05-05T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01409
published_at 2026-04-29T12:55:00Z
3
value 0.00011
scoring_system epss
scoring_elements 0.01404
published_at 2026-04-26T12:55:00Z
4
value 0.00011
scoring_system epss
scoring_elements 0.01399
published_at 2026-04-24T12:55:00Z
5
value 0.00011
scoring_system epss
scoring_elements 0.01389
published_at 2026-04-21T12:55:00Z
6
value 5e-05
scoring_system epss
scoring_elements 0.00274
published_at 2026-04-09T12:55:00Z
7
value 5e-05
scoring_system epss
scoring_elements 0.00212
published_at 2026-04-11T12:55:00Z
8
value 5e-05
scoring_system epss
scoring_elements 0.00211
published_at 2026-04-13T12:55:00Z
9
value 5e-05
scoring_system epss
scoring_elements 0.00276
published_at 2026-04-08T12:55:00Z
10
value 9e-05
scoring_system epss
scoring_elements 0.00967
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33810
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456335
reference_id 2456335
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456335
5
reference_url https://go.dev/cl/763763
reference_id 763763
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/
url https://go.dev/cl/763763
6
reference_url https://go.dev/issue/78332
reference_id 78332
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/
url https://go.dev/issue/78332
7
reference_url https://pkg.go.dev/vuln/GO-2026-4866
reference_id GO-2026-4866
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/
url https://pkg.go.dev/vuln/GO-2026-4866
8
reference_url https://access.redhat.com/errata/RHSA-2026:10155
reference_id RHSA-2026:10155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10155
9
reference_url https://access.redhat.com/errata/RHSA-2026:10158
reference_id RHSA-2026:10158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10158
10
reference_url https://access.redhat.com/errata/RHSA-2026:11330
reference_id RHSA-2026:11330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11330
11
reference_url https://access.redhat.com/errata/RHSA-2026:11331
reference_id RHSA-2026:11331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11331
12
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
13
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-33810
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtys-5r5h-p7ht
8
url VCID-h4tn-wydf-mydg
vulnerability_id VCID-h4tn-wydf-mydg
summary golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27141.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27141.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27141
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.0593
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05946
published_at 2026-04-07T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06023
published_at 2026-04-09T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.06015
published_at 2026-04-11T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.06006
published_at 2026-04-12T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05998
published_at 2026-04-13T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05963
published_at 2026-04-16T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05974
published_at 2026-04-18T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.06125
published_at 2026-04-21T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.06139
published_at 2026-04-24T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.0617
published_at 2026-04-26T12:55:00Z
11
value 0.00022
scoring_system epss
scoring_elements 0.06178
published_at 2026-04-29T12:55:00Z
12
value 0.00022
scoring_system epss
scoring_elements 0.05962
published_at 2026-04-04T12:55:00Z
13
value 0.00022
scoring_system epss
scoring_elements 0.05985
published_at 2026-04-08T12:55:00Z
14
value 0.00023
scoring_system epss
scoring_elements 0.06439
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27141
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2443104
reference_id 2443104
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2443104
4
reference_url https://go.dev/cl/746180
reference_id 746180
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://go.dev/cl/746180
5
reference_url https://go.dev/issue/77652
reference_id 77652
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://go.dev/issue/77652
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27141
reference_id CVE-2026-27141
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://nvd.nist.gov/vuln/detail/CVE-2026-27141
7
reference_url https://pkg.go.dev/vuln/GO-2026-4559
reference_id GO-2026-4559
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-27T19:11:24Z/
url https://pkg.go.dev/vuln/GO-2026-4559
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-27141
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h4tn-wydf-mydg
9
url VCID-ju53-xpej-3qca
vulnerability_id VCID-ju53-xpej-3qca
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27140
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02635
published_at 2026-04-18T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02748
published_at 2026-05-05T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02776
published_at 2026-04-29T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02722
published_at 2026-04-26T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02735
published_at 2026-04-24T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02746
published_at 2026-04-21T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05345
published_at 2026-04-16T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00649
published_at 2026-04-11T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00644
published_at 2026-04-12T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00655
published_at 2026-04-08T12:55:00Z
10
value 8e-05
scoring_system epss
scoring_elements 0.00646
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27140
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456341
reference_id 2456341
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456341
6
reference_url https://go.dev/cl/763768
reference_id 763768
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/
url https://go.dev/cl/763768
7
reference_url https://go.dev/issue/78335
reference_id 78335
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/
url https://go.dev/issue/78335
8
reference_url https://pkg.go.dev/vuln/GO-2026-4871
reference_id GO-2026-4871
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/
url https://pkg.go.dev/vuln/GO-2026-4871
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-27140
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ju53-xpej-3qca
10
url VCID-mhf1-8kyt-pbbx
vulnerability_id VCID-mhf1-8kyt-pbbx
summary 
gRPC-Go has an authorization bypass via missing leading slash in :path
### Impact
_What kind of vulnerability is it? Who is impacted?_

It is an **Authorization Bypass** resulting from **Improper Input Validation** of the HTTP/2 `:path` pseudo-header.

The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, "deny" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback "allow" rule was present.

**Who is impacted?**
This affects gRPC-Go servers that meet both of the following criteria:
1. They use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`.
2. Their security policy contains specific "deny" rules for canonical paths but allows other requests by default (a fallback "allow" rule).

The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server.

### Patches
_Has the problem been patched? What versions should users upgrade to?_

Yes, the issue has been patched. The fix ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string.

Users should upgrade to the following versions (or newer):
* **v1.79.3**
* The latest **master** branch.

It is recommended that all users employing path-based authorization (especially `grpc/authz`) upgrade as soon as the patch is available in a tagged release.

### Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_

While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods:

#### 1. Use a Validating Interceptor (Recommended Mitigation)
Add an "outermost" interceptor to your server that validates the path before any other authorization logic runs:

```go
func pathValidationInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
    if info.FullMethod == "" || info.FullMethod[0] != '/' {
        return nil, status.Errorf(codes.Unimplemented, "malformed method name")
    }   
    return handler(ctx, req)
}

// Ensure this is the FIRST interceptor in your chain
s := grpc.NewServer(
    grpc.ChainUnaryInterceptor(pathValidationInterceptor, authzInterceptor),
)
```

#### 2. Infrastructure-Level Normalization
If your gRPC server is behind a reverse proxy or load balancer (such as Envoy, NGINX, or an L7 Cloud Load Balancer), ensure it is configured to enforce strict HTTP/2 compliance for pseudo-headers and reject or normalize requests where the `:path` header does not start with a leading slash.

#### 3. Policy Hardening
Switch to a "default deny" posture in your authorization policies (explicitly listing all allowed paths and denying everything else) to reduce the risk of bypasses via malformed inputs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33186.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33186.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33186
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02582
published_at 2026-04-07T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02565
published_at 2026-04-02T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02609
published_at 2026-04-09T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02579
published_at 2026-04-04T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02588
published_at 2026-04-08T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03421
published_at 2026-04-11T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03345
published_at 2026-04-16T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.0337
published_at 2026-04-13T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03393
published_at 2026-04-12T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03357
published_at 2026-04-18T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05367
published_at 2026-05-05T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05377
published_at 2026-04-26T12:55:00Z
12
value 0.0002
scoring_system epss
scoring_elements 0.05376
published_at 2026-04-29T12:55:00Z
13
value 0.00023
scoring_system epss
scoring_elements 0.06277
published_at 2026-04-21T12:55:00Z
14
value 0.00023
scoring_system epss
scoring_elements 0.06296
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33186
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33186
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33186
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/grpc/grpc-go
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/grpc/grpc-go
5
reference_url https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:08:38Z/
url https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33186
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33186
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132228
reference_id 1132228
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132228
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449833
reference_id 2449833
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449833
9
reference_url https://access.redhat.com/errata/RHSA-2026:10093
reference_id RHSA-2026:10093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10093
10
reference_url https://access.redhat.com/errata/RHSA-2026:10094
reference_id RHSA-2026:10094
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10094
11
reference_url https://access.redhat.com/errata/RHSA-2026:10105
reference_id RHSA-2026:10105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10105
12
reference_url https://access.redhat.com/errata/RHSA-2026:10107
reference_id RHSA-2026:10107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10107
13
reference_url https://access.redhat.com/errata/RHSA-2026:10125
reference_id RHSA-2026:10125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10125
14
reference_url https://access.redhat.com/errata/RHSA-2026:10126
reference_id RHSA-2026:10126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10126
15
reference_url https://access.redhat.com/errata/RHSA-2026:10130
reference_id RHSA-2026:10130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10130
16
reference_url https://access.redhat.com/errata/RHSA-2026:10131
reference_id RHSA-2026:10131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10131
17
reference_url https://access.redhat.com/errata/RHSA-2026:10153
reference_id RHSA-2026:10153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10153
18
reference_url https://access.redhat.com/errata/RHSA-2026:10155
reference_id RHSA-2026:10155
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10155
19
reference_url https://access.redhat.com/errata/RHSA-2026:10158
reference_id RHSA-2026:10158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10158
20
reference_url https://access.redhat.com/errata/RHSA-2026:10172
reference_id RHSA-2026:10172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10172
21
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
22
reference_url https://access.redhat.com/errata/RHSA-2026:10698
reference_id RHSA-2026:10698
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10698
23
reference_url https://access.redhat.com/errata/RHSA-2026:10705
reference_id RHSA-2026:10705
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10705
24
reference_url https://access.redhat.com/errata/RHSA-2026:10706
reference_id RHSA-2026:10706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10706
25
reference_url https://access.redhat.com/errata/RHSA-2026:11070
reference_id RHSA-2026:11070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11070
26
reference_url https://access.redhat.com/errata/RHSA-2026:11217
reference_id RHSA-2026:11217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11217
27
reference_url https://access.redhat.com/errata/RHSA-2026:11330
reference_id RHSA-2026:11330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11330
28
reference_url https://access.redhat.com/errata/RHSA-2026:11331
reference_id RHSA-2026:11331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11331
29
reference_url https://access.redhat.com/errata/RHSA-2026:11408
reference_id RHSA-2026:11408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11408
30
reference_url https://access.redhat.com/errata/RHSA-2026:11803
reference_id RHSA-2026:11803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11803
31
reference_url https://access.redhat.com/errata/RHSA-2026:11856
reference_id RHSA-2026:11856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11856
32
reference_url https://access.redhat.com/errata/RHSA-2026:11916
reference_id RHSA-2026:11916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11916
33
reference_url https://access.redhat.com/errata/RHSA-2026:11996
reference_id RHSA-2026:11996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11996
34
reference_url https://access.redhat.com/errata/RHSA-2026:12116
reference_id RHSA-2026:12116
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12116
35
reference_url https://access.redhat.com/errata/RHSA-2026:12277
reference_id RHSA-2026:12277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12277
36
reference_url https://access.redhat.com/errata/RHSA-2026:12279
reference_id RHSA-2026:12279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12279
37
reference_url https://access.redhat.com/errata/RHSA-2026:12337
reference_id RHSA-2026:12337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12337
38
reference_url https://access.redhat.com/errata/RHSA-2026:13548
reference_id RHSA-2026:13548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13548
39
reference_url https://access.redhat.com/errata/RHSA-2026:13791
reference_id RHSA-2026:13791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13791
40
reference_url https://access.redhat.com/errata/RHSA-2026:13829
reference_id RHSA-2026:13829
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13829
41
reference_url https://access.redhat.com/errata/RHSA-2026:6174
reference_id RHSA-2026:6174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6174
42
reference_url https://access.redhat.com/errata/RHSA-2026:6428
reference_id RHSA-2026:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6428
43
reference_url https://access.redhat.com/errata/RHSA-2026:6564
reference_id RHSA-2026:6564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6564
44
reference_url https://access.redhat.com/errata/RHSA-2026:6802
reference_id RHSA-2026:6802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6802
45
reference_url https://access.redhat.com/errata/RHSA-2026:7110
reference_id RHSA-2026:7110
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7110
46
reference_url https://access.redhat.com/errata/RHSA-2026:7128
reference_id RHSA-2026:7128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7128
47
reference_url https://access.redhat.com/errata/RHSA-2026:7245
reference_id RHSA-2026:7245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7245
48
reference_url https://access.redhat.com/errata/RHSA-2026:8151
reference_id RHSA-2026:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8151
49
reference_url https://access.redhat.com/errata/RHSA-2026:8338
reference_id RHSA-2026:8338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8338
50
reference_url https://access.redhat.com/errata/RHSA-2026:8433
reference_id RHSA-2026:8433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8433
51
reference_url https://access.redhat.com/errata/RHSA-2026:8449
reference_id RHSA-2026:8449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8449
52
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
53
reference_url https://access.redhat.com/errata/RHSA-2026:8484
reference_id RHSA-2026:8484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8484
54
reference_url https://access.redhat.com/errata/RHSA-2026:8490
reference_id RHSA-2026:8490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8490
55
reference_url https://access.redhat.com/errata/RHSA-2026:8491
reference_id RHSA-2026:8491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8491
56
reference_url https://access.redhat.com/errata/RHSA-2026:8493
reference_id RHSA-2026:8493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8493
57
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
58
reference_url https://access.redhat.com/errata/RHSA-2026:9388
reference_id RHSA-2026:9388
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9388
59
reference_url https://access.redhat.com/errata/RHSA-2026:9440
reference_id RHSA-2026:9440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9440
60
reference_url https://access.redhat.com/errata/RHSA-2026:9448
reference_id RHSA-2026:9448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9448
61
reference_url https://access.redhat.com/errata/RHSA-2026:9453
reference_id RHSA-2026:9453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9453
62
reference_url https://access.redhat.com/errata/RHSA-2026:9872
reference_id RHSA-2026:9872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9872
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-33186, GHSA-p77j-4mvh-x3m3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mhf1-8kyt-pbbx
11
url VCID-nqrd-gp43-g7dw
vulnerability_id VCID-nqrd-gp43-g7dw
summary 
RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution
### Summary
The RC endpoint `operations/fsinfo` is exposed without `AuthRequired: true` and accepts attacker-controlled `fs` input. Because `rc.GetFs(...)` supports inline backend definitions, an unauthenticated attacker can instantiate an attacker-controlled backend on demand. For the WebDAV backend, `bearer_token_command` is executed during backend initialization, making single-request unauthenticated local command execution possible on reachable RC deployments without global HTTP authentication.

### Preconditions

Preconditions for this vulnerability are:

- The rclone remote control API **must** be enabled, either by the `--rc` flag or by running the `rclone rcd` server
- The remote control API **must** be reachable by the attacker - by default rclone only serves the rc to localhost unless the `--rc-addr` flag is in use
- The rc must have been deployed **without** global RC HTTP authentication - so not using `--rc-user`/`--rc-pass`/`--rc-htpasswd`/etc


### Details
The root cause consists of the following pieces:

1. `operations/fsinfo` is not protected with `AuthRequired: true`
2. `operations/fsinfo` calls `rc.GetFs(...)` on attacker-controlled input
3. `rc.GetFs(...)` supports inline backend creation through object-valued `fs`
4. WebDAV backend initialization executes `bearer_token_command`

Relevant code paths:

- [`fs/operations/rc.go`](https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/operations/rc.go)
  - `operations/fsinfo` is registered without `AuthRequired: true`
  - `rcFsInfo()` calls `rc.GetFs(ctx, in)`

- [`fs/rc/cache.go`](https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/rc/cache.go)
  - `GetFs()` / `GetFsNamed()` can parse an object-valued `fs`
  - `getConfigMap()` converts attacker-controlled JSON into a backend config string

- [`backend/webdav/webdav.go`](https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/backend/webdav/webdav.go)
  - `bearer_token_command` is a supported backend option
  - `NewFs(...)` calls `fetchAndSetBearerToken()` when `bearer_token_command` is set
  - `fetchBearerToken()` invokes `exec.Command(...)`

This creates a practical single-request unauthenticated command-execution primitive on reachable RC servers without global HTTP authentication.

This was alidated on:
- current `master` as of 2026-04-14: `bf55d5e6d37fd86164a87782191f9e1ffcaafa82`
- latest public release tested locally: `v1.73.4`

This was also validated on a public amd64 Ubuntu host controlled by the tester, using direct host execution (not containerized PoC execution).

### PoC
#### Minimal single-request form PoC
Start a vulnerable RC server:

```bash
rclone rcd --rc-addr 127.0.0.1:5572
```

No `--rc-user`, no `--rc-pass`, no `--rc-htpasswd`.

Then send a single request:

```bash
curl -sS -X POST http://127.0.0.1:5572/operations/fsinfo \
  --data-urlencode "fs=:webdav,url='http://127.0.0.1/',vendor=other,bearer_token_command='/usr/bin/touch /tmp/rclone_fsinfo_rce_poc_marker':"
```

Expected result:
- HTTP 200 JSON response from `operations/fsinfo`
- `/tmp/rclone_fsinfo_rce_poc_marker` is created on the host

### Impact
This is effectively a single-request unauthenticated command-execution vulnerability on reachable RC deployments without global HTTP authentication.

In practice, command execution in the rclone process context can lead to higher-impact outcomes such as local file read, file write, or shell access, depending on the deployed environment.

#### Testing performed
This was successfully reproduced:
- on a local test environment
- on a public amd64 Ubuntu host controlled by the tester

On the public host it was confirmed:

- the unauthenticated `operations/fsinfo` exploit worked
- command execution occurred on the host
- the issue was reproducible through direct host execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41179.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41179.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41179
reference_id
reference_type
scores
0
value 0.05976
scoring_system epss
scoring_elements 0.90692
published_at 2026-04-26T12:55:00Z
1
value 0.09603
scoring_system epss
scoring_elements 0.92904
published_at 2026-05-05T12:55:00Z
2
value 0.09603
scoring_system epss
scoring_elements 0.92896
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41179
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41179
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41179
3
reference_url https://github.com/rclone/rclone
reference_id
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rclone/rclone
4
reference_url https://github.com/rclone/rclone/security/advisories/GHSA-jfwf-28xr-xw6q
reference_id
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/
url https://github.com/rclone/rclone/security/advisories/GHSA-jfwf-28xr-xw6q
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134735
reference_id 1134735
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134735
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460988
reference_id 2460988
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460988
7
reference_url https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/rc/cache.go
reference_id cache.go
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/
url https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/rc/cache.go
8
reference_url https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/operations/rc.go
reference_id rc.go
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/
url https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/fs/operations/rc.go
9
reference_url https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/backend/webdav/webdav.go
reference_id webdav.go
reference_type
scores
0
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-27T13:33:03Z/
url https://github.com/rclone/rclone/blob/bf55d5e6d37fd86164a87782191f9e1ffcaafa82/backend/webdav/webdav.go
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-41179, GHSA-jfwf-28xr-xw6q
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqrd-gp43-g7dw
12
url VCID-pcez-y67t-8yg3
vulnerability_id VCID-pcez-y67t-8yg3
summary net/url: Incorrect parsing of IPv6 host literals in net/url
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25679
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.08816
published_at 2026-04-04T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.08768
published_at 2026-04-02T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09672
published_at 2026-04-07T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.09743
published_at 2026-04-08T12:55:00Z
4
value 0.00033
scoring_system epss
scoring_elements 0.09793
published_at 2026-04-09T12:55:00Z
5
value 0.00033
scoring_system epss
scoring_elements 0.09802
published_at 2026-04-11T12:55:00Z
6
value 0.00033
scoring_system epss
scoring_elements 0.09771
published_at 2026-04-12T12:55:00Z
7
value 0.00033
scoring_system epss
scoring_elements 0.09754
published_at 2026-04-13T12:55:00Z
8
value 0.00033
scoring_system epss
scoring_elements 0.0964
published_at 2026-04-16T12:55:00Z
9
value 0.00033
scoring_system epss
scoring_elements 0.09612
published_at 2026-04-18T12:55:00Z
10
value 0.00051
scoring_system epss
scoring_elements 0.15881
published_at 2026-04-21T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.15973
published_at 2026-04-29T12:55:00Z
12
value 0.00052
scoring_system epss
scoring_elements 0.15853
published_at 2026-05-05T12:55:00Z
13
value 0.00052
scoring_system epss
scoring_elements 0.16017
published_at 2026-04-24T12:55:00Z
14
value 0.00052
scoring_system epss
scoring_elements 0.16013
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25679
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445356
reference_id 2445356
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445356
4
reference_url https://go.dev/cl/752180
reference_id 752180
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/
url https://go.dev/cl/752180
5
reference_url https://go.dev/issue/77578
reference_id 77578
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/
url https://go.dev/issue/77578
6
reference_url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
reference_id EdhZqrQ98hk
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/
url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
7
reference_url https://pkg.go.dev/vuln/GO-2026-4601
reference_id GO-2026-4601
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/
url https://pkg.go.dev/vuln/GO-2026-4601
8
reference_url https://access.redhat.com/errata/RHSA-2026:10065
reference_id RHSA-2026:10065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10065
9
reference_url https://access.redhat.com/errata/RHSA-2026:10125
reference_id RHSA-2026:10125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10125
10
reference_url https://access.redhat.com/errata/RHSA-2026:10133
reference_id RHSA-2026:10133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10133
11
reference_url https://access.redhat.com/errata/RHSA-2026:10140
reference_id RHSA-2026:10140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10140
12
reference_url https://access.redhat.com/errata/RHSA-2026:10141
reference_id RHSA-2026:10141
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10141
13
reference_url https://access.redhat.com/errata/RHSA-2026:10158
reference_id RHSA-2026:10158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10158
14
reference_url https://access.redhat.com/errata/RHSA-2026:10169
reference_id RHSA-2026:10169
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10169
15
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
16
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
17
reference_url https://access.redhat.com/errata/RHSA-2026:10225
reference_id RHSA-2026:10225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10225
18
reference_url https://access.redhat.com/errata/RHSA-2026:10250
reference_id RHSA-2026:10250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10250
19
reference_url https://access.redhat.com/errata/RHSA-2026:10701
reference_id RHSA-2026:10701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10701
20
reference_url https://access.redhat.com/errata/RHSA-2026:10712
reference_id RHSA-2026:10712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10712
21
reference_url https://access.redhat.com/errata/RHSA-2026:10929
reference_id RHSA-2026:10929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10929
22
reference_url https://access.redhat.com/errata/RHSA-2026:11331
reference_id RHSA-2026:11331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11331
23
reference_url https://access.redhat.com/errata/RHSA-2026:11375
reference_id RHSA-2026:11375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11375
24
reference_url https://access.redhat.com/errata/RHSA-2026:11412
reference_id RHSA-2026:11412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11412
25
reference_url https://access.redhat.com/errata/RHSA-2026:11413
reference_id RHSA-2026:11413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11413
26
reference_url https://access.redhat.com/errata/RHSA-2026:11686
reference_id RHSA-2026:11686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11686
27
reference_url https://access.redhat.com/errata/RHSA-2026:11688
reference_id RHSA-2026:11688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11688
28
reference_url https://access.redhat.com/errata/RHSA-2026:11747
reference_id RHSA-2026:11747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11747
29
reference_url https://access.redhat.com/errata/RHSA-2026:11749
reference_id RHSA-2026:11749
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11749
30
reference_url https://access.redhat.com/errata/RHSA-2026:11768
reference_id RHSA-2026:11768
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11768
31
reference_url https://access.redhat.com/errata/RHSA-2026:11800
reference_id RHSA-2026:11800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11800
32
reference_url https://access.redhat.com/errata/RHSA-2026:11856
reference_id RHSA-2026:11856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11856
33
reference_url https://access.redhat.com/errata/RHSA-2026:11916
reference_id RHSA-2026:11916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11916
34
reference_url https://access.redhat.com/errata/RHSA-2026:11996
reference_id RHSA-2026:11996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11996
35
reference_url https://access.redhat.com/errata/RHSA-2026:12028
reference_id RHSA-2026:12028
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12028
36
reference_url https://access.redhat.com/errata/RHSA-2026:12029
reference_id RHSA-2026:12029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12029
37
reference_url https://access.redhat.com/errata/RHSA-2026:12030
reference_id RHSA-2026:12030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12030
38
reference_url https://access.redhat.com/errata/RHSA-2026:12031
reference_id RHSA-2026:12031
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12031
39
reference_url https://access.redhat.com/errata/RHSA-2026:12032
reference_id RHSA-2026:12032
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12032
40
reference_url https://access.redhat.com/errata/RHSA-2026:12033
reference_id RHSA-2026:12033
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12033
41
reference_url https://access.redhat.com/errata/RHSA-2026:13508
reference_id RHSA-2026:13508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13508
42
reference_url https://access.redhat.com/errata/RHSA-2026:13512
reference_id RHSA-2026:13512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13512
43
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
44
reference_url https://access.redhat.com/errata/RHSA-2026:13642
reference_id RHSA-2026:13642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13642
45
reference_url https://access.redhat.com/errata/RHSA-2026:13643
reference_id RHSA-2026:13643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13643
46
reference_url https://access.redhat.com/errata/RHSA-2026:13671
reference_id RHSA-2026:13671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13671
47
reference_url https://access.redhat.com/errata/RHSA-2026:5110
reference_id RHSA-2026:5110
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5110
48
reference_url https://access.redhat.com/errata/RHSA-2026:5549
reference_id RHSA-2026:5549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5549
49
reference_url https://access.redhat.com/errata/RHSA-2026:5941
reference_id RHSA-2026:5941
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5941
50
reference_url https://access.redhat.com/errata/RHSA-2026:5942
reference_id RHSA-2026:5942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5942
51
reference_url https://access.redhat.com/errata/RHSA-2026:5943
reference_id RHSA-2026:5943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5943
52
reference_url https://access.redhat.com/errata/RHSA-2026:5944
reference_id RHSA-2026:5944
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5944
53
reference_url https://access.redhat.com/errata/RHSA-2026:6341
reference_id RHSA-2026:6341
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6341
54
reference_url https://access.redhat.com/errata/RHSA-2026:6344
reference_id RHSA-2026:6344
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6344
55
reference_url https://access.redhat.com/errata/RHSA-2026:6382
reference_id RHSA-2026:6382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6382
56
reference_url https://access.redhat.com/errata/RHSA-2026:6383
reference_id RHSA-2026:6383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6383
57
reference_url https://access.redhat.com/errata/RHSA-2026:6388
reference_id RHSA-2026:6388
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6388
58
reference_url https://access.redhat.com/errata/RHSA-2026:6564
reference_id RHSA-2026:6564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6564
59
reference_url https://access.redhat.com/errata/RHSA-2026:6720
reference_id RHSA-2026:6720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6720
60
reference_url https://access.redhat.com/errata/RHSA-2026:6802
reference_id RHSA-2026:6802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6802
61
reference_url https://access.redhat.com/errata/RHSA-2026:6949
reference_id RHSA-2026:6949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6949
62
reference_url https://access.redhat.com/errata/RHSA-2026:7005
reference_id RHSA-2026:7005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7005
63
reference_url https://access.redhat.com/errata/RHSA-2026:7009
reference_id RHSA-2026:7009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7009
64
reference_url https://access.redhat.com/errata/RHSA-2026:7011
reference_id RHSA-2026:7011
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7011
65
reference_url https://access.redhat.com/errata/RHSA-2026:7259
reference_id RHSA-2026:7259
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7259
66
reference_url https://access.redhat.com/errata/RHSA-2026:7315
reference_id RHSA-2026:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7315
67
reference_url https://access.redhat.com/errata/RHSA-2026:7328
reference_id RHSA-2026:7328
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7328
68
reference_url https://access.redhat.com/errata/RHSA-2026:7665
reference_id RHSA-2026:7665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7665
69
reference_url https://access.redhat.com/errata/RHSA-2026:7669
reference_id RHSA-2026:7669
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7669
70
reference_url https://access.redhat.com/errata/RHSA-2026:7674
reference_id RHSA-2026:7674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7674
71
reference_url https://access.redhat.com/errata/RHSA-2026:7833
reference_id RHSA-2026:7833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7833
72
reference_url https://access.redhat.com/errata/RHSA-2026:7834
reference_id RHSA-2026:7834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7834
73
reference_url https://access.redhat.com/errata/RHSA-2026:7876
reference_id RHSA-2026:7876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7876
74
reference_url https://access.redhat.com/errata/RHSA-2026:7877
reference_id RHSA-2026:7877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7877
75
reference_url https://access.redhat.com/errata/RHSA-2026:7878
reference_id RHSA-2026:7878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7878
76
reference_url https://access.redhat.com/errata/RHSA-2026:7879
reference_id RHSA-2026:7879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7879
77
reference_url https://access.redhat.com/errata/RHSA-2026:7883
reference_id RHSA-2026:7883
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7883
78
reference_url https://access.redhat.com/errata/RHSA-2026:7992
reference_id RHSA-2026:7992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7992
79
reference_url https://access.redhat.com/errata/RHSA-2026:8151
reference_id RHSA-2026:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8151
80
reference_url https://access.redhat.com/errata/RHSA-2026:8167
reference_id RHSA-2026:8167
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8167
81
reference_url https://access.redhat.com/errata/RHSA-2026:8314
reference_id RHSA-2026:8314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8314
82
reference_url https://access.redhat.com/errata/RHSA-2026:8322
reference_id RHSA-2026:8322
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8322
83
reference_url https://access.redhat.com/errata/RHSA-2026:8324
reference_id RHSA-2026:8324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8324
84
reference_url https://access.redhat.com/errata/RHSA-2026:8337
reference_id RHSA-2026:8337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8337
85
reference_url https://access.redhat.com/errata/RHSA-2026:8338
reference_id RHSA-2026:8338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8338
86
reference_url https://access.redhat.com/errata/RHSA-2026:8433
reference_id RHSA-2026:8433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8433
87
reference_url https://access.redhat.com/errata/RHSA-2026:8434
reference_id RHSA-2026:8434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8434
88
reference_url https://access.redhat.com/errata/RHSA-2026:8456
reference_id RHSA-2026:8456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8456
89
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
90
reference_url https://access.redhat.com/errata/RHSA-2026:8484
reference_id RHSA-2026:8484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8484
91
reference_url https://access.redhat.com/errata/RHSA-2026:8490
reference_id RHSA-2026:8490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8490
92
reference_url https://access.redhat.com/errata/RHSA-2026:8491
reference_id RHSA-2026:8491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8491
93
reference_url https://access.redhat.com/errata/RHSA-2026:8493
reference_id RHSA-2026:8493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8493
94
reference_url https://access.redhat.com/errata/RHSA-2026:8840
reference_id RHSA-2026:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8840
95
reference_url https://access.redhat.com/errata/RHSA-2026:8841
reference_id RHSA-2026:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8841
96
reference_url https://access.redhat.com/errata/RHSA-2026:8842
reference_id RHSA-2026:8842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8842
97
reference_url https://access.redhat.com/errata/RHSA-2026:8845
reference_id RHSA-2026:8845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8845
98
reference_url https://access.redhat.com/errata/RHSA-2026:8847
reference_id RHSA-2026:8847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8847
99
reference_url https://access.redhat.com/errata/RHSA-2026:8848
reference_id RHSA-2026:8848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8848
100
reference_url https://access.redhat.com/errata/RHSA-2026:8849
reference_id RHSA-2026:8849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8849
101
reference_url https://access.redhat.com/errata/RHSA-2026:8851
reference_id RHSA-2026:8851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8851
102
reference_url https://access.redhat.com/errata/RHSA-2026:8852
reference_id RHSA-2026:8852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8852
103
reference_url https://access.redhat.com/errata/RHSA-2026:8853
reference_id RHSA-2026:8853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8853
104
reference_url https://access.redhat.com/errata/RHSA-2026:8855
reference_id RHSA-2026:8855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8855
105
reference_url https://access.redhat.com/errata/RHSA-2026:8856
reference_id RHSA-2026:8856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8856
106
reference_url https://access.redhat.com/errata/RHSA-2026:8860
reference_id RHSA-2026:8860
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8860
107
reference_url https://access.redhat.com/errata/RHSA-2026:8877
reference_id RHSA-2026:8877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8877
108
reference_url https://access.redhat.com/errata/RHSA-2026:8878
reference_id RHSA-2026:8878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8878
109
reference_url https://access.redhat.com/errata/RHSA-2026:8879
reference_id RHSA-2026:8879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8879
110
reference_url https://access.redhat.com/errata/RHSA-2026:8881
reference_id RHSA-2026:8881
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8881
111
reference_url https://access.redhat.com/errata/RHSA-2026:8882
reference_id RHSA-2026:8882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8882
112
reference_url https://access.redhat.com/errata/RHSA-2026:8930
reference_id RHSA-2026:8930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8930
113
reference_url https://access.redhat.com/errata/RHSA-2026:8931
reference_id RHSA-2026:8931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8931
114
reference_url https://access.redhat.com/errata/RHSA-2026:8949
reference_id RHSA-2026:8949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8949
115
reference_url https://access.redhat.com/errata/RHSA-2026:9043
reference_id RHSA-2026:9043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9043
116
reference_url https://access.redhat.com/errata/RHSA-2026:9044
reference_id RHSA-2026:9044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9044
117
reference_url https://access.redhat.com/errata/RHSA-2026:9052
reference_id RHSA-2026:9052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9052
118
reference_url https://access.redhat.com/errata/RHSA-2026:9090
reference_id RHSA-2026:9090
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9090
119
reference_url https://access.redhat.com/errata/RHSA-2026:9093
reference_id RHSA-2026:9093
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9093
120
reference_url https://access.redhat.com/errata/RHSA-2026:9094
reference_id RHSA-2026:9094
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9094
121
reference_url https://access.redhat.com/errata/RHSA-2026:9097
reference_id RHSA-2026:9097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9097
122
reference_url https://access.redhat.com/errata/RHSA-2026:9098
reference_id RHSA-2026:9098
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9098
123
reference_url https://access.redhat.com/errata/RHSA-2026:9108
reference_id RHSA-2026:9108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9108
124
reference_url https://access.redhat.com/errata/RHSA-2026:9109
reference_id RHSA-2026:9109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9109
125
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
126
reference_url https://access.redhat.com/errata/RHSA-2026:9434
reference_id RHSA-2026:9434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9434
127
reference_url https://access.redhat.com/errata/RHSA-2026:9435
reference_id RHSA-2026:9435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9435
128
reference_url https://access.redhat.com/errata/RHSA-2026:9436
reference_id RHSA-2026:9436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9436
129
reference_url https://access.redhat.com/errata/RHSA-2026:9439
reference_id RHSA-2026:9439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9439
130
reference_url https://access.redhat.com/errata/RHSA-2026:9440
reference_id RHSA-2026:9440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9440
131
reference_url https://access.redhat.com/errata/RHSA-2026:9448
reference_id RHSA-2026:9448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9448
132
reference_url https://access.redhat.com/errata/RHSA-2026:9453
reference_id RHSA-2026:9453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9453
133
reference_url https://access.redhat.com/errata/RHSA-2026:9461
reference_id RHSA-2026:9461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9461
134
reference_url https://access.redhat.com/errata/RHSA-2026:9695
reference_id RHSA-2026:9695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9695
135
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
136
reference_url https://access.redhat.com/errata/RHSA-2026:9872
reference_id RHSA-2026:9872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9872
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-25679
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pcez-y67t-8yg3
13
url VCID-s176-xcrb-e3ea
vulnerability_id VCID-s176-xcrb-e3ea
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27143
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.0442
published_at 2026-04-18T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-05-05T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04594
published_at 2026-04-24T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04628
published_at 2026-04-26T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04653
published_at 2026-04-29T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04556
published_at 2026-04-21T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06628
published_at 2026-04-16T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.0062
published_at 2026-04-13T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00618
published_at 2026-04-12T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00622
published_at 2026-04-11T12:55:00Z
10
value 7e-05
scoring_system epss
scoring_elements 0.00623
published_at 2026-04-09T12:55:00Z
11
value 7e-05
scoring_system epss
scoring_elements 0.00629
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27143
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456342
reference_id 2456342
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456342
6
reference_url https://go.dev/cl/763765
reference_id 763765
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/
url https://go.dev/cl/763765
7
reference_url https://go.dev/issue/78333
reference_id 78333
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/
url https://go.dev/issue/78333
8
reference_url https://pkg.go.dev/vuln/GO-2026-4868
reference_id GO-2026-4868
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/
url https://pkg.go.dev/vuln/GO-2026-4868
9
reference_url https://access.redhat.com/errata/RHSA-2026:11688
reference_id RHSA-2026:11688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11688
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-27143
risk_score 3.9
exploitability 0.5
weighted_severity 7.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s176-xcrb-e3ea
14
url VCID-svbs-h3y5-wfbn
vulnerability_id VCID-svbs-h3y5-wfbn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32289
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.0112
published_at 2026-04-18T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01194
published_at 2026-05-05T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.012
published_at 2026-04-26T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01193
published_at 2026-04-29T12:55:00Z
4
value 0.0001
scoring_system epss
scoring_elements 0.01189
published_at 2026-04-21T12:55:00Z
5
value 0.00011
scoring_system epss
scoring_elements 0.014
published_at 2026-04-13T12:55:00Z
6
value 0.00011
scoring_system epss
scoring_elements 0.01412
published_at 2026-04-08T12:55:00Z
7
value 0.00011
scoring_system epss
scoring_elements 0.01414
published_at 2026-04-09T12:55:00Z
8
value 0.00011
scoring_system epss
scoring_elements 0.01407
published_at 2026-04-11T12:55:00Z
9
value 0.00011
scoring_system epss
scoring_elements 0.01399
published_at 2026-04-12T12:55:00Z
10
value 0.00014
scoring_system epss
scoring_elements 0.02621
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32289
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456334
reference_id 2456334
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456334
6
reference_url https://go.dev/cl/763762
reference_id 763762
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/
url https://go.dev/cl/763762
7
reference_url https://go.dev/issue/78331
reference_id 78331
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/
url https://go.dev/issue/78331
8
reference_url https://pkg.go.dev/vuln/GO-2026-4865
reference_id GO-2026-4865
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/
url https://pkg.go.dev/vuln/GO-2026-4865
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-32289
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svbs-h3y5-wfbn
15
url VCID-t19m-gs1u-rbfp
vulnerability_id VCID-t19m-gs1u-rbfp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27144
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00294
published_at 2026-04-18T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00308
published_at 2026-04-29T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00312
published_at 2026-04-26T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00314
published_at 2026-04-24T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.00313
published_at 2026-04-21T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00307
published_at 2026-05-05T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00687
published_at 2026-04-08T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00679
published_at 2026-04-11T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00672
published_at 2026-04-13T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00693
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27144
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456340
reference_id 2456340
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456340
6
reference_url https://go.dev/cl/763764
reference_id 763764
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/
url https://go.dev/cl/763764
7
reference_url https://go.dev/issue/78371
reference_id 78371
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/
url https://go.dev/issue/78371
8
reference_url https://pkg.go.dev/vuln/GO-2026-4867
reference_id GO-2026-4867
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/
url https://pkg.go.dev/vuln/GO-2026-4867
9
reference_url https://access.redhat.com/errata/RHSA-2026:11688
reference_id RHSA-2026:11688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11688
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-27144
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t19m-gs1u-rbfp
16
url VCID-tf52-aa91-4kf3
vulnerability_id VCID-tf52-aa91-4kf3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32280
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.0343
published_at 2026-04-13T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03529
published_at 2026-04-09T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03484
published_at 2026-04-11T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03455
published_at 2026-04-12T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04468
published_at 2026-05-05T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04406
published_at 2026-04-24T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-26T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04467
published_at 2026-04-29T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04261
published_at 2026-04-18T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04387
published_at 2026-04-21T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05503
published_at 2026-04-16T12:55:00Z
11
value 7e-05
scoring_system epss
scoring_elements 0.0045
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32280
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456339
reference_id 2456339
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456339
5
reference_url https://access.redhat.com/errata/RHSA-2026:11688
reference_id RHSA-2026:11688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11688
6
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
7
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
8
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-32280
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tf52-aa91-4kf3
17
url VCID-tmb1-tq9e-puhd
vulnerability_id VCID-tmb1-tq9e-puhd
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32282
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01073
published_at 2026-04-08T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01072
published_at 2026-04-09T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01057
published_at 2026-04-11T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01052
published_at 2026-04-13T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00778
published_at 2026-04-16T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00766
published_at 2026-04-18T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00807
published_at 2026-04-29T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00812
published_at 2026-05-05T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00811
published_at 2026-04-24T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.0081
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32282
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456336
reference_id 2456336
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456336
6
reference_url https://go.dev/cl/763761
reference_id 763761
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/
url https://go.dev/cl/763761
7
reference_url https://go.dev/issue/78293
reference_id 78293
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/
url https://go.dev/issue/78293
8
reference_url https://pkg.go.dev/vuln/GO-2026-4864
reference_id GO-2026-4864
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/
url https://pkg.go.dev/vuln/GO-2026-4864
9
reference_url https://access.redhat.com/errata/RHSA-2026:11408
reference_id RHSA-2026:11408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11408
10
reference_url https://access.redhat.com/errata/RHSA-2026:11803
reference_id RHSA-2026:11803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11803
11
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
12
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-32282
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tmb1-tq9e-puhd
18
url VCID-vw1r-8zev-ykf4
vulnerability_id VCID-vw1r-8zev-ykf4
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32283
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03145
published_at 2026-04-18T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.043
published_at 2026-05-05T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04313
published_at 2026-04-29T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.0428
published_at 2026-04-26T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04261
published_at 2026-04-24T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04249
published_at 2026-04-21T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05594
published_at 2026-04-16T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00479
published_at 2026-04-08T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00477
published_at 2026-04-11T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00474
published_at 2026-04-12T12:55:00Z
10
value 7e-05
scoring_system epss
scoring_elements 0.00476
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32283
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
reference_id 0uYbvbPZRWU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/
url https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
4
reference_url https://go.dev/cl/763767
reference_id 763767
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/
url https://go.dev/cl/763767
5
reference_url https://go.dev/issue/78334
reference_id 78334
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/
url https://go.dev/issue/78334
6
reference_url https://pkg.go.dev/vuln/GO-2026-4870
reference_id GO-2026-4870
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/
url https://pkg.go.dev/vuln/GO-2026-4870
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-32283
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vw1r-8zev-ykf4
19
url VCID-x5ub-bfb7-nbbr
vulnerability_id VCID-x5ub-bfb7-nbbr
summary crypto/x509: Incorrect enforcement of email constraints in crypto/x509
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27137
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.017
published_at 2026-04-04T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01692
published_at 2026-04-02T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02175
published_at 2026-04-11T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02177
published_at 2026-04-08T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02198
published_at 2026-04-09T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.0216
published_at 2026-04-12T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02157
published_at 2026-04-13T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02132
published_at 2026-04-16T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02145
published_at 2026-04-18T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.0223
published_at 2026-04-21T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03157
published_at 2026-04-29T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03112
published_at 2026-04-26T12:55:00Z
12
value 0.00015
scoring_system epss
scoring_elements 0.03116
published_at 2026-05-05T12:55:00Z
13
value 0.00015
scoring_system epss
scoring_elements 0.03123
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27137
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445345
reference_id 2445345
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445345
4
reference_url https://go.dev/cl/752182
reference_id 752182
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/
url https://go.dev/cl/752182
5
reference_url https://go.dev/issue/77952
reference_id 77952
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/
url https://go.dev/issue/77952
6
reference_url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
reference_id EdhZqrQ98hk
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/
url https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
7
reference_url https://pkg.go.dev/vuln/GO-2026-4599
reference_id GO-2026-4599
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/
url https://pkg.go.dev/vuln/GO-2026-4599
8
reference_url https://access.redhat.com/errata/RHSA-2026:10125
reference_id RHSA-2026:10125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10125
9
reference_url https://access.redhat.com/errata/RHSA-2026:10158
reference_id RHSA-2026:10158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10158
10
reference_url https://access.redhat.com/errata/RHSA-2026:10169
reference_id RHSA-2026:10169
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10169
11
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
12
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
13
reference_url https://access.redhat.com/errata/RHSA-2026:10225
reference_id RHSA-2026:10225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10225
14
reference_url https://access.redhat.com/errata/RHSA-2026:10250
reference_id RHSA-2026:10250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10250
15
reference_url https://access.redhat.com/errata/RHSA-2026:10929
reference_id RHSA-2026:10929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10929
16
reference_url https://access.redhat.com/errata/RHSA-2026:11331
reference_id RHSA-2026:11331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11331
17
reference_url https://access.redhat.com/errata/RHSA-2026:11800
reference_id RHSA-2026:11800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11800
18
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
19
reference_url https://access.redhat.com/errata/RHSA-2026:5110
reference_id RHSA-2026:5110
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5110
20
reference_url https://access.redhat.com/errata/RHSA-2026:5549
reference_id RHSA-2026:5549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5549
21
reference_url https://access.redhat.com/errata/RHSA-2026:8151
reference_id RHSA-2026:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8151
22
reference_url https://access.redhat.com/errata/RHSA-2026:8167
reference_id RHSA-2026:8167
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8167
23
reference_url https://access.redhat.com/errata/RHSA-2026:8337
reference_id RHSA-2026:8337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8337
24
reference_url https://access.redhat.com/errata/RHSA-2026:8338
reference_id RHSA-2026:8338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8338
25
reference_url https://access.redhat.com/errata/RHSA-2026:8842
reference_id RHSA-2026:8842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8842
26
reference_url https://access.redhat.com/errata/RHSA-2026:9052
reference_id RHSA-2026:9052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9052
27
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
28
reference_url https://access.redhat.com/errata/RHSA-2026:9697
reference_id RHSA-2026:9697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9697
29
reference_url https://access.redhat.com/errata/RHSA-2026:9698
reference_id RHSA-2026:9698
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9698
30
reference_url https://access.redhat.com/errata/RHSA-2026:9699
reference_id RHSA-2026:9699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9699
31
reference_url https://access.redhat.com/errata/RHSA-2026:9872
reference_id RHSA-2026:9872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9872
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-27137
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ub-bfb7-nbbr
20
url VCID-yj5c-4wbb-gbcx
vulnerability_id VCID-yj5c-4wbb-gbcx
summary 
Go Images vulnerable to an out-of-memory error via a crafted TIFF file
A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33809.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33809.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33809
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01533
published_at 2026-04-24T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01944
published_at 2026-04-29T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01891
published_at 2026-05-05T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01594
published_at 2026-04-21T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01909
published_at 2026-04-26T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10501
published_at 2026-04-18T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10663
published_at 2026-04-04T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10527
published_at 2026-04-07T12:55:00Z
8
value 0.00036
scoring_system epss
scoring_elements 0.106
published_at 2026-04-08T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.1066
published_at 2026-04-09T12:55:00Z
10
value 0.00036
scoring_system epss
scoring_elements 0.10673
published_at 2026-04-11T12:55:00Z
11
value 0.00036
scoring_system epss
scoring_elements 0.10641
published_at 2026-04-12T12:55:00Z
12
value 0.00036
scoring_system epss
scoring_elements 0.10616
published_at 2026-04-13T12:55:00Z
13
value 0.00036
scoring_system epss
scoring_elements 0.10483
published_at 2026-04-16T12:55:00Z
14
value 0.00036
scoring_system epss
scoring_elements 0.10602
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33809
2
reference_url https://cs.opensource.google/go/x/image
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cs.opensource.google/go/x/image
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33809
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33809
4
reference_url https://go.dev/cl/757660
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:05:32Z/
url https://go.dev/cl/757660
5
reference_url https://go.dev/issue/78267
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:05:32Z/
url https://go.dev/issue/78267
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33809
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33809
7
reference_url https://pkg.go.dev/vuln/GO-2026-4815
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:05:32Z/
url https://pkg.go.dev/vuln/GO-2026-4815
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451437
reference_id 2451437
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451437
fixed_packages
0
url pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community
aliases CVE-2026-33809, GHSA-44p7-9xx4-hf2g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yj5c-4wbb-gbcx
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=edge&reponame=community