Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/znuny@6.5.21-1?distro=trixie
Typedeb
Namespacedebian
Nameznuny
Version6.5.21-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3um8-4fmh-97ge
vulnerability_id VCID-3um8-4fmh-97ge
summary In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is reflected XSS in AdminCommunicationLog (aka the communication log administration view).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-50592
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08703
published_at 2026-06-06T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08635
published_at 2026-06-08T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08673
published_at 2026-06-09T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08687
published_at 2026-06-05T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08683
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-50592
1
reference_url https://www.znuny.org/en/advisories/zsa-2026-10
reference_id zsa-2026-10
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-05T18:21:17Z/
url https://www.znuny.org/en/advisories/zsa-2026-10
fixed_packages
0
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2026-50592
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3um8-4fmh-97ge
1
url VCID-48xy-e43e-3uhq
vulnerability_id VCID-48xy-e43e-3uhq
summary There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intraction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21441
reference_id
reference_type
scores
0
value 0.00296
scoring_system epss
scoring_elements 0.53179
published_at 2026-06-04T12:55:00Z
1
value 0.00296
scoring_system epss
scoring_elements 0.5324
published_at 2026-06-05T12:55:00Z
2
value 0.00296
scoring_system epss
scoring_elements 0.53248
published_at 2026-06-06T12:55:00Z
3
value 0.00296
scoring_system epss
scoring_elements 0.5323
published_at 2026-06-07T12:55:00Z
4
value 0.00296
scoring_system epss
scoring_elements 0.53204
published_at 2026-06-08T12:55:00Z
5
value 0.00296
scoring_system epss
scoring_elements 0.53228
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21441
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21441
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992
reference_id 989992
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992
fixed_packages
0
url pkg:deb/debian/znuny@0?distro=trixie
purl pkg:deb/debian/znuny@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.1-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-5equ-78js-5ffs
2
vulnerability VCID-6hqw-djsz-2fb9
3
vulnerability VCID-88yz-xb2f-ykce
4
vulnerability VCID-aem1-z125-xbcn
5
vulnerability VCID-bs4b-q3bf-kqcz
6
vulnerability VCID-ebk7-d8nm-5qh7
7
vulnerability VCID-fyz6-z2s8-g7bs
8
vulnerability VCID-gx8h-5h14-dqez
9
vulnerability VCID-mkg7-u2gk-7kee
10
vulnerability VCID-nuyx-axak-rfc5
11
vulnerability VCID-nwu6-pvr1-h7h3
12
vulnerability VCID-r9rn-hd3y-77h1
13
vulnerability VCID-sbb6-yk3t-nygm
14
vulnerability VCID-teuw-kajh-mkaq
15
vulnerability VCID-vrv5-q3yc-t3fv
16
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
3
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2021-21441
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48xy-e43e-3uhq
2
url VCID-5equ-78js-5ffs
vulnerability_id VCID-5equ-78js-5ffs
summary An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26845
reference_id
reference_type
scores
0
value 0.0041
scoring_system epss
scoring_elements 0.61704
published_at 2026-06-09T12:55:00Z
1
value 0.0041
scoring_system epss
scoring_elements 0.61706
published_at 2026-06-05T12:55:00Z
2
value 0.0041
scoring_system epss
scoring_elements 0.61713
published_at 2026-06-06T12:55:00Z
3
value 0.0041
scoring_system epss
scoring_elements 0.61702
published_at 2026-06-07T12:55:00Z
4
value 0.0041
scoring_system epss
scoring_elements 0.61686
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26845
1
reference_url https://www.znuny.com
reference_id www.znuny.com
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:45:30Z/
url https://www.znuny.com
2
reference_url https://www.znuny.org/en/advisories/zsa-2025-03
reference_id zsa-2025-03
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:45:30Z/
url https://www.znuny.org/en/advisories/zsa-2025-03
fixed_packages
0
url pkg:deb/debian/znuny@6.5.13-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.13-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-26845
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5equ-78js-5ffs
3
url VCID-6hqw-djsz-2fb9
vulnerability_id VCID-6hqw-djsz-2fb9
summary Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to to perform an host header injection for the ContentType header of the attachment.  This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38060
reference_id
reference_type
scores
0
value 0.00228
scoring_system epss
scoring_elements 0.4564
published_at 2026-06-09T12:55:00Z
1
value 0.00228
scoring_system epss
scoring_elements 0.45667
published_at 2026-06-05T12:55:00Z
2
value 0.00228
scoring_system epss
scoring_elements 0.45671
published_at 2026-06-06T12:55:00Z
3
value 0.00228
scoring_system epss
scoring_elements 0.45651
published_at 2026-06-07T12:55:00Z
4
value 0.00228
scoring_system epss
scoring_elements 0.45626
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38060
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38060
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38060
2
reference_url https://otrs.com/release-notes/otrs-security-advisory-2023-04/
reference_id otrs-security-advisory-2023-04
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-17T13:01:31Z/
url https://otrs.com/release-notes/otrs-security-advisory-2023-04/
fixed_packages
0
url pkg:deb/debian/znuny@6.5.3-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.3-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2023-38060
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hqw-djsz-2fb9
4
url VCID-88yz-xb2f-ykce
vulnerability_id VCID-88yz-xb2f-ykce
summary An issue was discovered in Znuny LTS 6.5.1 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in agent is able to inject SQL in the draft form ID parameter of an AJAX request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32493
reference_id
reference_type
scores
0
value 0.00608
scoring_system epss
scoring_elements 0.70146
published_at 2026-06-09T12:55:00Z
1
value 0.00608
scoring_system epss
scoring_elements 0.70144
published_at 2026-06-05T12:55:00Z
2
value 0.00608
scoring_system epss
scoring_elements 0.70152
published_at 2026-06-06T12:55:00Z
3
value 0.00608
scoring_system epss
scoring_elements 0.70134
published_at 2026-06-07T12:55:00Z
4
value 0.00608
scoring_system epss
scoring_elements 0.70122
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32493
1
reference_url https://znuny.com
reference_id znuny.com
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-30T14:46:04Z/
url https://znuny.com
2
reference_url https://www.znuny.org/en/advisories/zsa-2024-03
reference_id zsa-2024-03
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-30T14:46:04Z/
url https://www.znuny.org/en/advisories/zsa-2024-03
fixed_packages
0
url pkg:deb/debian/znuny@6.5.8-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.8-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2024-32493
risk_score 2.2
exploitability 0.5
weighted_severity 4.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88yz-xb2f-ykce
5
url VCID-aem1-z125-xbcn
vulnerability_id VCID-aem1-z125-xbcn
summary An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other function calls, which then might use these keys/values to affect permissions or other settings.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-43926
reference_id
reference_type
scores
0
value 0.00213
scoring_system epss
scoring_elements 0.43803
published_at 2026-06-09T12:55:00Z
1
value 0.00213
scoring_system epss
scoring_elements 0.43845
published_at 2026-06-05T12:55:00Z
2
value 0.00213
scoring_system epss
scoring_elements 0.43854
published_at 2026-06-06T12:55:00Z
3
value 0.00213
scoring_system epss
scoring_elements 0.43828
published_at 2026-06-07T12:55:00Z
4
value 0.00213
scoring_system epss
scoring_elements 0.43794
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-43926
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739
reference_id 1104739
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739
2
reference_url https://znuny.com
reference_id znuny.com
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-12T18:30:23Z/
url https://znuny.com
3
reference_url https://www.znuny.org/en/advisories/zsa-2025-07
reference_id zsa-2025-07
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-12T18:30:23Z/
url https://www.znuny.org/en/advisories/zsa-2025-07
fixed_packages
0
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-43926
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aem1-z125-xbcn
6
url VCID-bs4b-q3bf-kqcz
vulnerability_id VCID-bs4b-q3bf-kqcz
summary An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26842
reference_id
reference_type
scores
0
value 0.00287
scoring_system epss
scoring_elements 0.5248
published_at 2026-06-06T12:55:00Z
1
value 0.00287
scoring_system epss
scoring_elements 0.52432
published_at 2026-06-08T12:55:00Z
2
value 0.00287
scoring_system epss
scoring_elements 0.52454
published_at 2026-06-09T12:55:00Z
3
value 0.00287
scoring_system epss
scoring_elements 0.52472
published_at 2026-06-05T12:55:00Z
4
value 0.00287
scoring_system epss
scoring_elements 0.5246
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26842
1
reference_url https://www.znuny.org/en/advisories/zsa-2025-01
reference_id zsa-2025-01
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:53:25Z/
url https://www.znuny.org/en/advisories/zsa-2025-01
fixed_packages
0
url pkg:deb/debian/znuny@6.5.13-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.13-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-26842
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bs4b-q3bf-kqcz
7
url VCID-dnfd-spvs-9qbb
vulnerability_id VCID-dnfd-spvs-9qbb
summary Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21443
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44625
published_at 2026-06-04T12:55:00Z
1
value 0.0022
scoring_system epss
scoring_elements 0.44694
published_at 2026-06-05T12:55:00Z
2
value 0.0022
scoring_system epss
scoring_elements 0.44702
published_at 2026-06-06T12:55:00Z
3
value 0.0022
scoring_system epss
scoring_elements 0.4468
published_at 2026-06-07T12:55:00Z
4
value 0.0022
scoring_system epss
scoring_elements 0.44648
published_at 2026-06-08T12:55:00Z
5
value 0.0022
scoring_system epss
scoring_elements 0.44661
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21443
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21443
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593
reference_id 991593
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593
fixed_packages
0
url pkg:deb/debian/znuny@0?distro=trixie
purl pkg:deb/debian/znuny@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.1-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-5equ-78js-5ffs
2
vulnerability VCID-6hqw-djsz-2fb9
3
vulnerability VCID-88yz-xb2f-ykce
4
vulnerability VCID-aem1-z125-xbcn
5
vulnerability VCID-bs4b-q3bf-kqcz
6
vulnerability VCID-ebk7-d8nm-5qh7
7
vulnerability VCID-fyz6-z2s8-g7bs
8
vulnerability VCID-gx8h-5h14-dqez
9
vulnerability VCID-mkg7-u2gk-7kee
10
vulnerability VCID-nuyx-axak-rfc5
11
vulnerability VCID-nwu6-pvr1-h7h3
12
vulnerability VCID-r9rn-hd3y-77h1
13
vulnerability VCID-sbb6-yk3t-nygm
14
vulnerability VCID-teuw-kajh-mkaq
15
vulnerability VCID-vrv5-q3yc-t3fv
16
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
3
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2021-21443
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dnfd-spvs-9qbb
8
url VCID-ebk7-d8nm-5qh7
vulnerability_id VCID-ebk7-d8nm-5qh7
summary A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52204
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02425
published_at 2026-06-07T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02369
published_at 2026-06-09T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.0241
published_at 2026-06-08T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02482
published_at 2026-06-05T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02477
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52204
1
reference_url https://github.com/j0qq3r/CVE-2025-52204
reference_id CVE-2025-52204
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/
url https://github.com/j0qq3r/CVE-2025-52204
2
reference_url https://www.znuny.org/en/releases/znuny-7-3-1
reference_id znuny-7-3-1
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/
url https://www.znuny.org/en/releases/znuny-7-3-1
3
reference_url http://znuny.com
reference_id znuny.com
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/
url http://znuny.com
4
reference_url http://znunyitsm.com
reference_id znunyitsm.com
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:00:50Z/
url http://znunyitsm.com
fixed_packages
0
url pkg:deb/debian/znuny@6.5.19-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.19-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.19-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-52204
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebk7-d8nm-5qh7
9
url VCID-fn3v-xu31-h3gz
vulnerability_id VCID-fn3v-xu31-h3gz
summary Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4427
reference_id
reference_type
scores
0
value 0.00465
scoring_system epss
scoring_elements 0.64768
published_at 2026-06-09T12:55:00Z
1
value 0.00465
scoring_system epss
scoring_elements 0.64771
published_at 2026-06-06T12:55:00Z
2
value 0.00465
scoring_system epss
scoring_elements 0.6476
published_at 2026-06-07T12:55:00Z
3
value 0.00465
scoring_system epss
scoring_elements 0.64749
published_at 2026-06-08T12:55:00Z
4
value 0.00465
scoring_system epss
scoring_elements 0.6472
published_at 2026-06-04T12:55:00Z
5
value 0.00465
scoring_system epss
scoring_elements 0.64761
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4427
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4427
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4427
2
reference_url https://otrs.com/release-notes/otrs-security-advisory-2022-15/
reference_id otrs-security-advisory-2022-15
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T18:03:48Z/
url https://otrs.com/release-notes/otrs-security-advisory-2022-15/
fixed_packages
0
url pkg:deb/debian/znuny@6.4.5-1?distro=trixie
purl pkg:deb/debian/znuny@6.4.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.4.5-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.1-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-5equ-78js-5ffs
2
vulnerability VCID-6hqw-djsz-2fb9
3
vulnerability VCID-88yz-xb2f-ykce
4
vulnerability VCID-aem1-z125-xbcn
5
vulnerability VCID-bs4b-q3bf-kqcz
6
vulnerability VCID-ebk7-d8nm-5qh7
7
vulnerability VCID-fyz6-z2s8-g7bs
8
vulnerability VCID-gx8h-5h14-dqez
9
vulnerability VCID-mkg7-u2gk-7kee
10
vulnerability VCID-nuyx-axak-rfc5
11
vulnerability VCID-nwu6-pvr1-h7h3
12
vulnerability VCID-r9rn-hd3y-77h1
13
vulnerability VCID-sbb6-yk3t-nygm
14
vulnerability VCID-teuw-kajh-mkaq
15
vulnerability VCID-vrv5-q3yc-t3fv
16
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
3
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2022-4427
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn3v-xu31-h3gz
10
url VCID-fyz6-z2s8-g7bs
vulnerability_id VCID-fyz6-z2s8-g7bs
summary Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-48937
reference_id
reference_type
scores
0
value 0.01525
scoring_system epss
scoring_elements 0.81634
published_at 2026-06-05T12:55:00Z
1
value 0.01525
scoring_system epss
scoring_elements 0.81644
published_at 2026-06-09T12:55:00Z
2
value 0.01525
scoring_system epss
scoring_elements 0.81629
published_at 2026-06-08T12:55:00Z
3
value 0.01525
scoring_system epss
scoring_elements 0.81636
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-48937
1
reference_url https://www.znuny.org/en/advisories
reference_id advisories
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:39:09Z/
url https://www.znuny.org/en/advisories
2
reference_url https://www.znuny.com
reference_id www.znuny.com
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:39:09Z/
url https://www.znuny.com
3
reference_url https://www.znuny.org/en/advisories/zsa-2024-05
reference_id zsa-2024-05
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T15:39:09Z/
url https://www.znuny.org/en/advisories/zsa-2024-05
fixed_packages
0
url pkg:deb/debian/znuny@6.5.11-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.11-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.11-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2024-48937
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyz6-z2s8-g7bs
11
url VCID-gx8h-5h14-dqez
vulnerability_id VCID-gx8h-5h14-dqez
summary 
jquery-validation vulnerable to Cross-site Scripting
Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3573.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3573.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-3573
reference_id
reference_type
scores
0
value 0.00341
scoring_system epss
scoring_elements 0.57076
published_at 2026-06-09T12:55:00Z
1
value 0.00341
scoring_system epss
scoring_elements 0.57078
published_at 2026-06-05T12:55:00Z
2
value 0.00341
scoring_system epss
scoring_elements 0.57085
published_at 2026-06-06T12:55:00Z
3
value 0.00341
scoring_system epss
scoring_elements 0.57073
published_at 2026-06-07T12:55:00Z
4
value 0.00341
scoring_system epss
scoring_elements 0.57058
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-3573
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3573
3
reference_url https://github.com/jquery-validation/jquery-validation
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation
4
reference_url https://github.com/jquery-validation/jquery-validation/commit/7a490d8f39bd988027568ddcf51755e1f4688902
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation/commit/7a490d8f39bd988027568ddcf51755e1f4688902
5
reference_url https://github.com/jquery-validation/jquery-validation/pull/2462
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery-validation/jquery-validation/pull/2462
6
reference_url https://security.snyk.io/vuln/SNYK-JS-JQUERYVALIDATION-5952285
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JS-JQUERYVALIDATION-5952285
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103445
reference_id 1103445
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103445
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104134
reference_id 1104134
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104134
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104135
reference_id 1104135
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104135
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104136
reference_id 1104136
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104136
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2359682
reference_id 2359682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2359682
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-3573
reference_id CVE-2025-3573
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-3573
13
reference_url https://github.com/advisories/GHSA-rrj2-ph5q-jxw2
reference_id GHSA-rrj2-ph5q-jxw2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rrj2-ph5q-jxw2
fixed_packages
0
url pkg:deb/debian/znuny@6.5.16-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.16-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.16-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-3573, GHSA-rrj2-ph5q-jxw2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gx8h-5h14-dqez
12
url VCID-mkg7-u2gk-7kee
vulnerability_id VCID-mkg7-u2gk-7kee
summary IN Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-50591
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08703
published_at 2026-06-06T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08635
published_at 2026-06-08T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08673
published_at 2026-06-09T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08687
published_at 2026-06-05T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08683
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-50591
1
reference_url https://www.znuny.org/en/advisories/zsa-2026-11
reference_id zsa-2026-11
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-05T18:22:51Z/
url https://www.znuny.org/en/advisories/zsa-2026-11
fixed_packages
0
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2026-50591
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkg7-u2gk-7kee
13
url VCID-n9cu-rusr-ufhx
vulnerability_id VCID-n9cu-rusr-ufhx
summary An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32492
reference_id
reference_type
scores
0
value 0.0065
scoring_system epss
scoring_elements 0.71273
published_at 2026-06-09T12:55:00Z
1
value 0.0065
scoring_system epss
scoring_elements 0.71278
published_at 2026-06-05T12:55:00Z
2
value 0.0065
scoring_system epss
scoring_elements 0.71284
published_at 2026-06-06T12:55:00Z
3
value 0.0065
scoring_system epss
scoring_elements 0.71264
published_at 2026-06-07T12:55:00Z
4
value 0.0065
scoring_system epss
scoring_elements 0.71249
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32492
1
reference_url https://znuny.com
reference_id znuny.com
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T15:52:23Z/
url https://znuny.com
2
reference_url https://www.znuny.org/en/advisories/zsa-2024-02
reference_id zsa-2024-02
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T15:52:23Z/
url https://www.znuny.org/en/advisories/zsa-2024-02
fixed_packages
0
url pkg:deb/debian/znuny@0?distro=trixie
purl pkg:deb/debian/znuny@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.1-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-5equ-78js-5ffs
2
vulnerability VCID-6hqw-djsz-2fb9
3
vulnerability VCID-88yz-xb2f-ykce
4
vulnerability VCID-aem1-z125-xbcn
5
vulnerability VCID-bs4b-q3bf-kqcz
6
vulnerability VCID-ebk7-d8nm-5qh7
7
vulnerability VCID-fyz6-z2s8-g7bs
8
vulnerability VCID-gx8h-5h14-dqez
9
vulnerability VCID-mkg7-u2gk-7kee
10
vulnerability VCID-nuyx-axak-rfc5
11
vulnerability VCID-nwu6-pvr1-h7h3
12
vulnerability VCID-r9rn-hd3y-77h1
13
vulnerability VCID-sbb6-yk3t-nygm
14
vulnerability VCID-teuw-kajh-mkaq
15
vulnerability VCID-vrv5-q3yc-t3fv
16
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
3
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2024-32492
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n9cu-rusr-ufhx
14
url VCID-nuyx-axak-rfc5
vulnerability_id VCID-nuyx-axak-rfc5
summary An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using the Generic Interface to update ticket metadata.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26846
reference_id
reference_type
scores
0
value 0.00404
scoring_system epss
scoring_elements 0.61325
published_at 2026-06-09T12:55:00Z
1
value 0.00404
scoring_system epss
scoring_elements 0.61329
published_at 2026-06-05T12:55:00Z
2
value 0.00404
scoring_system epss
scoring_elements 0.61337
published_at 2026-06-06T12:55:00Z
3
value 0.00404
scoring_system epss
scoring_elements 0.61323
published_at 2026-06-07T12:55:00Z
4
value 0.00404
scoring_system epss
scoring_elements 0.61305
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26846
1
reference_url https://www.znuny.com
reference_id www.znuny.com
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-12T21:50:36Z/
url https://www.znuny.com
2
reference_url https://www.znuny.org/en/advisories/zsa-2025-02
reference_id zsa-2025-02
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-12T21:50:36Z/
url https://www.znuny.org/en/advisories/zsa-2025-02
fixed_packages
0
url pkg:deb/debian/znuny@6.5.13-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.13-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-26846
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nuyx-axak-rfc5
15
url VCID-nwu6-pvr1-h7h3
vulnerability_id VCID-nwu6-pvr1-h7h3
summary Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-48938
reference_id
reference_type
scores
0
value 0.00699
scoring_system epss
scoring_elements 0.72395
published_at 2026-06-05T12:55:00Z
1
value 0.00699
scoring_system epss
scoring_elements 0.72392
published_at 2026-06-09T12:55:00Z
2
value 0.00699
scoring_system epss
scoring_elements 0.72367
published_at 2026-06-08T12:55:00Z
3
value 0.00699
scoring_system epss
scoring_elements 0.72382
published_at 2026-06-07T12:55:00Z
4
value 0.00699
scoring_system epss
scoring_elements 0.72401
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-48938
1
reference_url https://www.znuny.org/en/advisories
reference_id advisories
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T18:44:51Z/
url https://www.znuny.org/en/advisories
2
reference_url https://www.znuny.com
reference_id www.znuny.com
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T18:44:51Z/
url https://www.znuny.com
3
reference_url https://www.znuny.org/en/advisories/zsa-2024-04
reference_id zsa-2024-04
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T18:44:51Z/
url https://www.znuny.org/en/advisories/zsa-2024-04
fixed_packages
0
url pkg:deb/debian/znuny@6.5.11-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.11-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.11-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2024-48938
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nwu6-pvr1-h7h3
16
url VCID-qd3v-muyf-tkd7
vulnerability_id VCID-qd3v-muyf-tkd7
summary Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21440
reference_id
reference_type
scores
0
value 0.00179
scoring_system epss
scoring_elements 0.39236
published_at 2026-06-04T12:55:00Z
1
value 0.00179
scoring_system epss
scoring_elements 0.39326
published_at 2026-06-05T12:55:00Z
2
value 0.00179
scoring_system epss
scoring_elements 0.3933
published_at 2026-06-06T12:55:00Z
3
value 0.00179
scoring_system epss
scoring_elements 0.39301
published_at 2026-06-07T12:55:00Z
4
value 0.00179
scoring_system epss
scoring_elements 0.39274
published_at 2026-06-08T12:55:00Z
5
value 0.00179
scoring_system epss
scoring_elements 0.39287
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21440
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21440
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593
reference_id 991593
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991593
fixed_packages
0
url pkg:deb/debian/znuny@0?distro=trixie
purl pkg:deb/debian/znuny@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.1-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-5equ-78js-5ffs
2
vulnerability VCID-6hqw-djsz-2fb9
3
vulnerability VCID-88yz-xb2f-ykce
4
vulnerability VCID-aem1-z125-xbcn
5
vulnerability VCID-bs4b-q3bf-kqcz
6
vulnerability VCID-ebk7-d8nm-5qh7
7
vulnerability VCID-fyz6-z2s8-g7bs
8
vulnerability VCID-gx8h-5h14-dqez
9
vulnerability VCID-mkg7-u2gk-7kee
10
vulnerability VCID-nuyx-axak-rfc5
11
vulnerability VCID-nwu6-pvr1-h7h3
12
vulnerability VCID-r9rn-hd3y-77h1
13
vulnerability VCID-sbb6-yk3t-nygm
14
vulnerability VCID-teuw-kajh-mkaq
15
vulnerability VCID-vrv5-q3yc-t3fv
16
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
3
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2021-21440
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qd3v-muyf-tkd7
17
url VCID-r9rn-hd3y-77h1
vulnerability_id VCID-r9rn-hd3y-77h1
summary An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in user can upload a file (via a manipulated AJAX Request) to an arbitrary writable location by traversing paths. Arbitrary code can be executed if this location is publicly available through the web server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32491
reference_id
reference_type
scores
0
value 0.00585
scoring_system epss
scoring_elements 0.6948
published_at 2026-06-09T12:55:00Z
1
value 0.00585
scoring_system epss
scoring_elements 0.69473
published_at 2026-06-05T12:55:00Z
2
value 0.00585
scoring_system epss
scoring_elements 0.69481
published_at 2026-06-06T12:55:00Z
3
value 0.00585
scoring_system epss
scoring_elements 0.69472
published_at 2026-06-07T12:55:00Z
4
value 0.00585
scoring_system epss
scoring_elements 0.6946
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32491
1
reference_url https://znuny.com
reference_id znuny.com
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-30T15:40:28Z/
url https://znuny.com
2
reference_url https://www.znuny.org/en/advisories/zsa-2024-01
reference_id zsa-2024-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-30T15:40:28Z/
url https://www.znuny.org/en/advisories/zsa-2024-01
fixed_packages
0
url pkg:deb/debian/znuny@6.5.8-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.8-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.8-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2024-32491
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9rn-hd3y-77h1
18
url VCID-sbb6-yk3t-nygm
vulnerability_id VCID-sbb6-yk3t-nygm
summary An issue was discovered in Znuny through 7.1.3. A cookie is set without the HttpOnly flag.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26844
reference_id
reference_type
scores
0
value 0.00366
scoring_system epss
scoring_elements 0.5895
published_at 2026-06-09T12:55:00Z
1
value 0.00366
scoring_system epss
scoring_elements 0.58953
published_at 2026-06-05T12:55:00Z
2
value 0.00366
scoring_system epss
scoring_elements 0.58959
published_at 2026-06-06T12:55:00Z
3
value 0.00366
scoring_system epss
scoring_elements 0.58951
published_at 2026-06-07T12:55:00Z
4
value 0.00366
scoring_system epss
scoring_elements 0.58935
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26844
1
reference_url https://www.znuny.com
reference_id www.znuny.com
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:48:53Z/
url https://www.znuny.com
2
reference_url https://www.znuny.org/en/advisories/zsa-2025-05
reference_id zsa-2025-05
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:48:53Z/
url https://www.znuny.org/en/advisories/zsa-2025-05
fixed_packages
0
url pkg:deb/debian/znuny@6.5.13-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.13-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.13-1%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-26844
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sbb6-yk3t-nygm
19
url VCID-teuw-kajh-mkaq
vulnerability_id VCID-teuw-kajh-mkaq
summary An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26847
reference_id
reference_type
scores
0
value 0.00298
scoring_system epss
scoring_elements 0.53489
published_at 2026-06-09T12:55:00Z
1
value 0.00298
scoring_system epss
scoring_elements 0.53498
published_at 2026-06-05T12:55:00Z
2
value 0.00298
scoring_system epss
scoring_elements 0.53507
published_at 2026-06-06T12:55:00Z
3
value 0.00298
scoring_system epss
scoring_elements 0.5349
published_at 2026-06-07T12:55:00Z
4
value 0.00298
scoring_system epss
scoring_elements 0.53465
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26847
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739
reference_id 1104739
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104739
2
reference_url https://www.znuny.com
reference_id www.znuny.com
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:58:30Z/
url https://www.znuny.com
3
reference_url https://www.znuny.org/en/advisories/zsa-2025-06
reference_id zsa-2025-06
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:58:30Z/
url https://www.znuny.org/en/advisories/zsa-2025-06
fixed_packages
0
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-26847
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-teuw-kajh-mkaq
20
url VCID-vrv5-q3yc-t3fv
vulnerability_id VCID-vrv5-q3yc-t3fv
summary
references
fixed_packages
0
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-26843
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrv5-q3yc-t3fv
21
url VCID-xjen-uzab-a7cu
vulnerability_id VCID-xjen-uzab-a7cu
summary DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21439
reference_id
reference_type
scores
0
value 0.00348
scoring_system epss
scoring_elements 0.57573
published_at 2026-06-04T12:55:00Z
1
value 0.00348
scoring_system epss
scoring_elements 0.57625
published_at 2026-06-07T12:55:00Z
2
value 0.00348
scoring_system epss
scoring_elements 0.57633
published_at 2026-06-06T12:55:00Z
3
value 0.00348
scoring_system epss
scoring_elements 0.57612
published_at 2026-06-08T12:55:00Z
4
value 0.00348
scoring_system epss
scoring_elements 0.5763
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21439
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21439
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992
reference_id 989992
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989992
fixed_packages
0
url pkg:deb/debian/znuny@0?distro=trixie
purl pkg:deb/debian/znuny@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.1-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-5equ-78js-5ffs
2
vulnerability VCID-6hqw-djsz-2fb9
3
vulnerability VCID-88yz-xb2f-ykce
4
vulnerability VCID-aem1-z125-xbcn
5
vulnerability VCID-bs4b-q3bf-kqcz
6
vulnerability VCID-ebk7-d8nm-5qh7
7
vulnerability VCID-fyz6-z2s8-g7bs
8
vulnerability VCID-gx8h-5h14-dqez
9
vulnerability VCID-mkg7-u2gk-7kee
10
vulnerability VCID-nuyx-axak-rfc5
11
vulnerability VCID-nwu6-pvr1-h7h3
12
vulnerability VCID-r9rn-hd3y-77h1
13
vulnerability VCID-sbb6-yk3t-nygm
14
vulnerability VCID-teuw-kajh-mkaq
15
vulnerability VCID-vrv5-q3yc-t3fv
16
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
3
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2021-21439
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xjen-uzab-a7cu
22
url VCID-yp9r-n7se-fqbb
vulnerability_id VCID-yp9r-n7se-fqbb
summary Specially crafted string in OTRS system configuration can allow the execution of any system command.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36100
reference_id
reference_type
scores
0
value 0.0072
scoring_system epss
scoring_elements 0.72843
published_at 2026-06-04T12:55:00Z
1
value 0.0072
scoring_system epss
scoring_elements 0.7288
published_at 2026-06-05T12:55:00Z
2
value 0.0072
scoring_system epss
scoring_elements 0.72888
published_at 2026-06-06T12:55:00Z
3
value 0.0072
scoring_system epss
scoring_elements 0.7287
published_at 2026-06-07T12:55:00Z
4
value 0.0072
scoring_system epss
scoring_elements 0.72858
published_at 2026-06-08T12:55:00Z
5
value 0.0072
scoring_system epss
scoring_elements 0.72882
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36100
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36100
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36100
fixed_packages
0
url pkg:deb/debian/znuny@0?distro=trixie
purl pkg:deb/debian/znuny@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@0%3Fdistro=trixie
1
url pkg:deb/debian/znuny@6.5.1-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-5equ-78js-5ffs
2
vulnerability VCID-6hqw-djsz-2fb9
3
vulnerability VCID-88yz-xb2f-ykce
4
vulnerability VCID-aem1-z125-xbcn
5
vulnerability VCID-bs4b-q3bf-kqcz
6
vulnerability VCID-ebk7-d8nm-5qh7
7
vulnerability VCID-fyz6-z2s8-g7bs
8
vulnerability VCID-gx8h-5h14-dqez
9
vulnerability VCID-mkg7-u2gk-7kee
10
vulnerability VCID-nuyx-axak-rfc5
11
vulnerability VCID-nwu6-pvr1-h7h3
12
vulnerability VCID-r9rn-hd3y-77h1
13
vulnerability VCID-sbb6-yk3t-nygm
14
vulnerability VCID-teuw-kajh-mkaq
15
vulnerability VCID-vrv5-q3yc-t3fv
16
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.1-1%3Fdistro=trixie
2
url pkg:deb/debian/znuny@6.5.15-2?distro=trixie
purl pkg:deb/debian/znuny@6.5.15-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3um8-4fmh-97ge
1
vulnerability VCID-ebk7-d8nm-5qh7
2
vulnerability VCID-gx8h-5h14-dqez
3
vulnerability VCID-mkg7-u2gk-7kee
4
vulnerability VCID-vrv5-q3yc-t3fv
5
vulnerability VCID-ztx6-1f5p-hkdb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.15-2%3Fdistro=trixie
3
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2021-36100
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yp9r-n7se-fqbb
23
url VCID-ztx6-1f5p-hkdb
vulnerability_id VCID-ztx6-1f5p-hkdb
summary
references
fixed_packages
0
url pkg:deb/debian/znuny@6.5.21-1?distro=trixie
purl pkg:deb/debian/znuny@6.5.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie
aliases CVE-2025-59490
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ztx6-1f5p-hkdb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/znuny@6.5.21-1%3Fdistro=trixie