Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/automation-gateway@2.5.20260422-3?arch=el9ap
Typerpm
Namespaceredhat
Nameautomation-gateway
Version2.5.20260422-3
Qualifiers
arch el9ap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-6a8h-2wvu-g7en
vulnerability_id VCID-6a8h-2wvu-g7en
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62718.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62718.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-62718
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.2144
published_at 2026-06-14T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21466
published_at 2026-06-13T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21454
published_at 2026-06-12T12:55:00Z
3
value 0.00069
scoring_system epss
scoring_elements 0.2127
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-62718
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62718
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
5
reference_url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
reference_id 03cdfc99e8db32a390e12128208b6778492cee9c
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c
6
reference_url https://github.com/axios/axios/pull/10661
reference_id 10661
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/pull/10661
7
reference_url https://github.com/axios/axios/pull/10688
reference_id 10688
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/pull/10688
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456913
reference_id 2456913
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456913
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-62718
reference_id CVE-2025-62718
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-62718
10
reference_url https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df
reference_id fb3befb6daac6cad26b2e54094d0f2d9e47f24df
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df
11
reference_url https://github.com/advisories/GHSA-3p68-rc4w-qgx5
reference_id GHSA-3p68-rc4w-qgx5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3p68-rc4w-qgx5
12
reference_url https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5
reference_id GHSA-3p68-rc4w-qgx5
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5
13
reference_url https://datatracker.ietf.org/doc/html/rfc1034#section-3.1
reference_id rfc1034#section-3.1
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://datatracker.ietf.org/doc/html/rfc1034#section-3.1
14
reference_url https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2
reference_id rfc3986#section-3.2.2
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2
15
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
16
reference_url https://access.redhat.com/errata/RHSA-2026:13571
reference_id RHSA-2026:13571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13571
17
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
18
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
19
reference_url https://access.redhat.com/errata/RHSA-2026:16874
reference_id RHSA-2026:16874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16874
20
reference_url https://access.redhat.com/errata/RHSA-2026:17657
reference_id RHSA-2026:17657
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17657
21
reference_url https://access.redhat.com/errata/RHSA-2026:17699
reference_id RHSA-2026:17699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17699
22
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
23
reference_url https://access.redhat.com/errata/RHSA-2026:19712
reference_id RHSA-2026:19712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19712
24
reference_url https://access.redhat.com/errata/RHSA-2026:20889
reference_id RHSA-2026:20889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20889
25
reference_url https://access.redhat.com/errata/RHSA-2026:20938
reference_id RHSA-2026:20938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20938
26
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
27
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
28
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
29
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
30
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
31
reference_url https://access.redhat.com/errata/RHSA-2026:24471
reference_id RHSA-2026:24471
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24471
32
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
33
reference_url https://access.redhat.com/errata/RHSA-2026:24766
reference_id RHSA-2026:24766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24766
34
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
35
reference_url https://access.redhat.com/errata/RHSA-2026:24866
reference_id RHSA-2026:24866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24866
36
reference_url https://access.redhat.com/errata/RHSA-2026:24977
reference_id RHSA-2026:24977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24977
37
reference_url https://access.redhat.com/errata/RHSA-2026:8483
reference_id RHSA-2026:8483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8483
38
reference_url https://access.redhat.com/errata/RHSA-2026:8484
reference_id RHSA-2026:8484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8484
39
reference_url https://access.redhat.com/errata/RHSA-2026:8490
reference_id RHSA-2026:8490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8490
40
reference_url https://access.redhat.com/errata/RHSA-2026:8491
reference_id RHSA-2026:8491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8491
41
reference_url https://access.redhat.com/errata/RHSA-2026:8493
reference_id RHSA-2026:8493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8493
42
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
43
reference_url https://github.com/axios/axios/releases/tag/v0.31.0
reference_id v0.31.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/releases/tag/v0.31.0
44
reference_url https://github.com/axios/axios/releases/tag/v1.15.0
reference_id v1.15.0
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:02:50Z/
url https://github.com/axios/axios/releases/tag/v1.15.0
fixed_packages
aliases CVE-2025-62718, GHSA-3p68-rc4w-qgx5
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6a8h-2wvu-g7en
1
url VCID-6vg2-h2n1-1ubp
vulnerability_id VCID-6vg2-h2n1-1ubp
summary Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, Ed25519 signature verification accepts forged non-canonical signatures where the scalar S is not reduced modulo the group order (`S >= L`). A valid signature and its `S + L` variant both verify in forge, while Node.js `crypto.verify` (OpenSSL-backed) rejects the `S + L` variant, as defined by the specification. This class of signature malleability has been exploited in practice to bypass authentication and authorization logic (see CVE-2026-25793, CVE-2022-35961). Applications relying on signature uniqueness (i.e., dedup by signature bytes, replay tracking, signed-object canonicalization checks) may be bypassed. Version 1.4.0 patches the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33895.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33895.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33895
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13338
published_at 2026-06-11T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.13427
published_at 2026-06-14T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.13447
published_at 2026-06-12T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.13452
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33895
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25793
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25793
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33895
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33895
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452457
reference_id 2452457
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452457
5
reference_url https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85
reference_id bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:49Z/
url https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-35961
reference_id CVE-2022-35961
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-35961
7
reference_url https://github.com/advisories/GHSA-q67f-28xg-22rw
reference_id GHSA-q67f-28xg-22rw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q67f-28xg-22rw
8
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw
reference_id GHSA-q67f-28xg-22rw
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:49Z/
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw
9
reference_url https://datatracker.ietf.org/doc/html/rfc8032#section-8.4
reference_id rfc8032#section-8.4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T18:39:49Z/
url https://datatracker.ietf.org/doc/html/rfc8032#section-8.4
10
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
11
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
12
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
fixed_packages
aliases CVE-2026-33895, GHSA-q67f-28xg-22rw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6vg2-h2n1-1ubp
2
url VCID-ackg-agjd-2khe
vulnerability_id VCID-ackg-agjd-2khe
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26996.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26996.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26996
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07739
published_at 2026-06-11T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07764
published_at 2026-06-14T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07769
published_at 2026-06-13T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07775
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26996
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26996
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26996
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/isaacs/minimatch
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/minimatch
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128579
reference_id 1128579
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128579
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2441268
reference_id 2441268
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2441268
7
reference_url https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5
reference_id 2e111f3a79abc00fa73110195de2c0f2351904f5
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:36Z/
url https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26996
reference_id CVE-2026-26996
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26996
9
reference_url https://github.com/advisories/GHSA-3ppc-4f35-3m26
reference_id GHSA-3ppc-4f35-3m26
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3ppc-4f35-3m26
10
reference_url https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26
reference_id GHSA-3ppc-4f35-3m26
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:36Z/
url https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26
11
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
12
reference_url https://access.redhat.com/errata/RHSA-2026:13508
reference_id RHSA-2026:13508
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13508
13
reference_url https://access.redhat.com/errata/RHSA-2026:18054
reference_id RHSA-2026:18054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18054
14
reference_url https://access.redhat.com/errata/RHSA-2026:18059
reference_id RHSA-2026:18059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18059
15
reference_url https://access.redhat.com/errata/RHSA-2026:21703
reference_id RHSA-2026:21703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21703
16
reference_url https://access.redhat.com/errata/RHSA-2026:21709
reference_id RHSA-2026:21709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21709
17
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
18
reference_url https://access.redhat.com/errata/RHSA-2026:23246
reference_id RHSA-2026:23246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23246
19
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
20
reference_url https://access.redhat.com/errata/RHSA-2026:4942
reference_id RHSA-2026:4942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4942
21
reference_url https://access.redhat.com/errata/RHSA-2026:5168
reference_id RHSA-2026:5168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5168
22
reference_url https://access.redhat.com/errata/RHSA-2026:5665
reference_id RHSA-2026:5665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5665
23
reference_url https://access.redhat.com/errata/RHSA-2026:6192
reference_id RHSA-2026:6192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6192
24
reference_url https://access.redhat.com/errata/RHSA-2026:6497
reference_id RHSA-2026:6497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6497
25
reference_url https://access.redhat.com/errata/RHSA-2026:6567
reference_id RHSA-2026:6567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6567
26
reference_url https://access.redhat.com/errata/RHSA-2026:6568
reference_id RHSA-2026:6568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6568
27
reference_url https://access.redhat.com/errata/RHSA-2026:7080
reference_id RHSA-2026:7080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7080
28
reference_url https://access.redhat.com/errata/RHSA-2026:7123
reference_id RHSA-2026:7123
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7123
29
reference_url https://access.redhat.com/errata/RHSA-2026:7302
reference_id RHSA-2026:7302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7302
30
reference_url https://access.redhat.com/errata/RHSA-2026:7310
reference_id RHSA-2026:7310
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7310
31
reference_url https://access.redhat.com/errata/RHSA-2026:7350
reference_id RHSA-2026:7350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7350
32
reference_url https://access.redhat.com/errata/RHSA-2026:7670
reference_id RHSA-2026:7670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7670
33
reference_url https://access.redhat.com/errata/RHSA-2026:7675
reference_id RHSA-2026:7675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7675
34
reference_url https://access.redhat.com/errata/RHSA-2026:7896
reference_id RHSA-2026:7896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7896
35
reference_url https://access.redhat.com/errata/RHSA-2026:7983
reference_id RHSA-2026:7983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7983
36
reference_url https://access.redhat.com/errata/RHSA-2026:8339
reference_id RHSA-2026:8339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8339
37
reference_url https://access.redhat.com/errata/RHSA-2026:9711
reference_id RHSA-2026:9711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9711
38
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
39
reference_url https://access.redhat.com/errata/RHSA-2026:9874
reference_id RHSA-2026:9874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9874
fixed_packages
aliases CVE-2026-26996, GHSA-3ppc-4f35-3m26
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ackg-agjd-2khe
3
url VCID-exgy-82b9-n7dk
vulnerability_id VCID-exgy-82b9-n7dk
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27904.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27904.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27904
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.0777
published_at 2026-06-11T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07795
published_at 2026-06-14T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07802
published_at 2026-06-13T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07808
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27904
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27904
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/isaacs/minimatch
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/minimatch
5
reference_url https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129095
reference_id 1129095
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129095
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442922
reference_id 2442922
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442922
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27904
reference_id CVE-2026-27904
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-27904
9
reference_url https://github.com/advisories/GHSA-23c5-xmqv-rm74
reference_id GHSA-23c5-xmqv-rm74
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-23c5-xmqv-rm74
10
reference_url https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74
reference_id GHSA-23c5-xmqv-rm74
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T19:21:18Z/
url https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74
11
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
12
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
13
reference_url https://access.redhat.com/errata/RHSA-2026:18054
reference_id RHSA-2026:18054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18054
14
reference_url https://access.redhat.com/errata/RHSA-2026:18055
reference_id RHSA-2026:18055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18055
15
reference_url https://access.redhat.com/errata/RHSA-2026:18059
reference_id RHSA-2026:18059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:18059
16
reference_url https://access.redhat.com/errata/RHSA-2026:21772
reference_id RHSA-2026:21772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21772
17
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
18
reference_url https://access.redhat.com/errata/RHSA-2026:4942
reference_id RHSA-2026:4942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4942
19
reference_url https://access.redhat.com/errata/RHSA-2026:5168
reference_id RHSA-2026:5168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5168
20
reference_url https://access.redhat.com/errata/RHSA-2026:5665
reference_id RHSA-2026:5665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5665
21
reference_url https://access.redhat.com/errata/RHSA-2026:6277
reference_id RHSA-2026:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6277
22
reference_url https://access.redhat.com/errata/RHSA-2026:6497
reference_id RHSA-2026:6497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6497
23
reference_url https://access.redhat.com/errata/RHSA-2026:6567
reference_id RHSA-2026:6567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6567
24
reference_url https://access.redhat.com/errata/RHSA-2026:6568
reference_id RHSA-2026:6568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6568
25
reference_url https://access.redhat.com/errata/RHSA-2026:7080
reference_id RHSA-2026:7080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7080
26
reference_url https://access.redhat.com/errata/RHSA-2026:7123
reference_id RHSA-2026:7123
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7123
27
reference_url https://access.redhat.com/errata/RHSA-2026:7302
reference_id RHSA-2026:7302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7302
28
reference_url https://access.redhat.com/errata/RHSA-2026:7310
reference_id RHSA-2026:7310
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7310
29
reference_url https://access.redhat.com/errata/RHSA-2026:7896
reference_id RHSA-2026:7896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7896
30
reference_url https://access.redhat.com/errata/RHSA-2026:7983
reference_id RHSA-2026:7983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7983
31
reference_url https://access.redhat.com/errata/RHSA-2026:8339
reference_id RHSA-2026:8339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8339
32
reference_url https://access.redhat.com/errata/RHSA-2026:9711
reference_id RHSA-2026:9711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9711
33
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
34
reference_url https://access.redhat.com/errata/RHSA-2026:9874
reference_id RHSA-2026:9874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9874
fixed_packages
aliases CVE-2026-27904, GHSA-23c5-xmqv-rm74
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-exgy-82b9-n7dk
4
url VCID-jzq5-zkxm-kka3
vulnerability_id VCID-jzq5-zkxm-kka3
summary Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, `pki.verifyCertificateChain()` does not enforce RFC 5280 basicConstraints requirements when an intermediate certificate lacks both the `basicConstraints` and `keyUsage` extensions. This allows any leaf certificate (without these extensions) to act as a CA and sign other certificates, which node-forge will accept as valid. Version 1.4.0 patches the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33896.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33896.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33896
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10695
published_at 2026-06-13T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.10671
published_at 2026-06-14T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10694
published_at 2026-06-12T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10635
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33896
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33896
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33896
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452458
reference_id 2452458
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452458
4
reference_url https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90
reference_id 2e492832fb25227e6b647cbe1ac981c123171e90
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-30T18:53:46Z/
url https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90
5
reference_url https://github.com/advisories/GHSA-2328-f5f3-gj25
reference_id GHSA-2328-f5f3-gj25
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2328-f5f3-gj25
6
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25
reference_id GHSA-2328-f5f3-gj25
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-30T18:53:46Z/
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25
7
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
8
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
9
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
fixed_packages
aliases CVE-2026-33896, GHSA-2328-f5f3-gj25
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzq5-zkxm-kka3
5
url VCID-nmfc-rcv8-gyb8
vulnerability_id VCID-nmfc-rcv8-gyb8
summary 
Impact:

A bad regular expression is generated any time you have multiple sequential optional groups (curly brace syntax), such as `{a}{b}{c}:z`. The generated regex grows exponentially with the number of groups, causing denial of service.

Patches:

Fixed in version 8.4.0.

Workarounds:

Limit the number of sequential optional groups in route patterns. Avoid passing user-controlled input as route patterns.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4926.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4926.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4926
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.0548
published_at 2026-06-12T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05466
published_at 2026-06-14T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05454
published_at 2026-06-11T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05475
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4926
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4926
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4926
3
reference_url https://github.com/pillarjs/path-to-regexp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pillarjs/path-to-regexp
4
reference_url https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-j3q9-mxjg-w52f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-j3q9-mxjg-w52f
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-4926
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-4926
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132020
reference_id 1132020
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132020
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451867
reference_id 2451867
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451867
8
reference_url https://github.com/advisories/GHSA-j3q9-mxjg-w52f
reference_id GHSA-j3q9-mxjg-w52f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j3q9-mxjg-w52f
9
reference_url https://access.redhat.com/errata/RHSA-2026:10153
reference_id RHSA-2026:10153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10153
10
reference_url https://access.redhat.com/errata/RHSA-2026:10172
reference_id RHSA-2026:10172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10172
11
reference_url https://access.redhat.com/errata/RHSA-2026:10175
reference_id RHSA-2026:10175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10175
12
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
13
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
14
reference_url https://access.redhat.com/errata/RHSA-2026:17789
reference_id RHSA-2026:17789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17789
15
reference_url https://access.redhat.com/errata/RHSA-2026:19409
reference_id RHSA-2026:19409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19409
16
reference_url https://access.redhat.com/errata/RHSA-2026:19410
reference_id RHSA-2026:19410
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19410
17
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
18
reference_url https://access.redhat.com/errata/RHSA-2026:24762
reference_id RHSA-2026:24762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24762
19
reference_url https://access.redhat.com/errata/RHSA-2026:24866
reference_id RHSA-2026:24866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24866
20
reference_url https://access.redhat.com/errata/RHSA-2026:9385
reference_id RHSA-2026:9385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9385
21
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
22
reference_url https://cna.openjsf.org/security-advisories.html
reference_id security-advisories.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:44:44Z/
url https://cna.openjsf.org/security-advisories.html
fixed_packages
aliases CVE-2026-4926, GHSA-j3q9-mxjg-w52f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmfc-rcv8-gyb8
6
url VCID-pc81-tj49-j3fs
vulnerability_id VCID-pc81-tj49-j3fs
summary Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing “garbage” bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it. Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33894.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33894.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33894
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11873
published_at 2026-06-14T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11896
published_at 2026-06-13T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11812
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33894
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33894
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33894
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452464
reference_id 2452464
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452464
4
reference_url https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE
reference_id 5rnE9ZRN1AokBVj3VqblGlP63QE
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/
url https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE
5
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765
reference_id GHSA-cfm4-qjh2-4765
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765
6
reference_url https://github.com/advisories/GHSA-ppp5-5v6c-4jwp
reference_id GHSA-ppp5-5v6c-4jwp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ppp5-5v6c-4jwp
7
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
reference_id GHSA-ppp5-5v6c-4jwp
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp
8
reference_url https://datatracker.ietf.org/doc/html/rfc2313#section-8
reference_id rfc2313#section-8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/
url https://datatracker.ietf.org/doc/html/rfc2313#section-8
9
reference_url https://www.rfc-editor.org/rfc/rfc8017.html
reference_id rfc8017.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T14:04:30Z/
url https://www.rfc-editor.org/rfc/rfc8017.html
10
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
11
reference_url https://access.redhat.com/errata/RHSA-2026:19375
reference_id RHSA-2026:19375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19375
12
reference_url https://access.redhat.com/errata/RHSA-2026:21017
reference_id RHSA-2026:21017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21017
13
reference_url https://access.redhat.com/errata/RHSA-2026:22465
reference_id RHSA-2026:22465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22465
14
reference_url https://access.redhat.com/errata/RHSA-2026:22629
reference_id RHSA-2026:22629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22629
15
reference_url https://access.redhat.com/errata/RHSA-2026:22840
reference_id RHSA-2026:22840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22840
16
reference_url https://access.redhat.com/errata/RHSA-2026:23361
reference_id RHSA-2026:23361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23361
17
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
18
reference_url https://access.redhat.com/errata/RHSA-2026:24853
reference_id RHSA-2026:24853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24853
19
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
fixed_packages
aliases CVE-2026-33894, GHSA-ppp5-5v6c-4jwp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pc81-tj49-j3fs
7
url VCID-xn8m-3ck8-fufm
vulnerability_id VCID-xn8m-3ck8-fufm
summary Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, if it is possible to connect to the Vite dev server’s WebSocket without an Origin header, an attacker can invoke fetchModule via the custom WebSocket event vite:invoke and combine file://... with ?raw (or ?inline) to retrieve the contents of arbitrary files on the server as a JavaScript string (e.g., export default "..."). The access control enforced in the HTTP request path (such as server.fs.allow) is not applied to this WebSocket-based execution path. This vulnerability is fixed in 6.4.2, 7.3.2, and 8.0.5.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39363.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39363.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-39363
reference_id
reference_type
scores
0
value 0.05706
scoring_system epss
scoring_elements 0.90621
published_at 2026-06-11T12:55:00Z
1
value 0.05706
scoring_system epss
scoring_elements 0.90658
published_at 2026-06-13T12:55:00Z
2
value 0.05706
scoring_system epss
scoring_elements 0.90651
published_at 2026-06-12T12:55:00Z
3
value 0.05942
scoring_system epss
scoring_elements 0.90886
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-39363
2
reference_url https://github.com/vitejs/vite
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/vitejs/vite
3
reference_url https://github.com/vitejs/vite/commit/f02d9fde0b195afe3ea2944414186962fbbe41e0
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/vitejs/vite/commit/f02d9fde0b195afe3ea2944414186962fbbe41e0
4
reference_url https://github.com/vitejs/vite/pull/22159
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/vitejs/vite/pull/22159
5
reference_url https://github.com/vitejs/vite/releases/tag/v6.4.2
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/vitejs/vite/releases/tag/v6.4.2
6
reference_url https://github.com/vitejs/vite/releases/tag/v7.3.2
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/vitejs/vite/releases/tag/v7.3.2
7
reference_url https://github.com/vitejs/vite/releases/tag/v8.0.5
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/vitejs/vite/releases/tag/v8.0.5
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-39363
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-39363
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456179
reference_id 2456179
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456179
10
reference_url https://github.com/advisories/GHSA-p9ff-h696-f583
reference_id GHSA-p9ff-h696-f583
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p9ff-h696-f583
11
reference_url https://github.com/vitejs/vite/security/advisories/GHSA-p9ff-h696-f583
reference_id GHSA-p9ff-h696-f583
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T17:52:54Z/
url https://github.com/vitejs/vite/security/advisories/GHSA-p9ff-h696-f583
12
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
13
reference_url https://access.redhat.com/errata/RHSA-2026:24762
reference_id RHSA-2026:24762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24762
14
reference_url https://access.redhat.com/errata/RHSA-2026:24866
reference_id RHSA-2026:24866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24866
fixed_packages
aliases CVE-2026-39363, GHSA-p9ff-h696-f583
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xn8m-3ck8-fufm
8
url VCID-z7tw-mtdc-wfd3
vulnerability_id VCID-z7tw-mtdc-wfd3
summary Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, a Denial of Service (DoS) vulnerability exists in the node-forge library due to an infinite loop in the BigInteger.modInverse() function (inherited from the bundled jsbn library). When modInverse() is called with a zero value as input, the internal Extended Euclidean Algorithm enters an unreachable exit condition, causing the process to hang indefinitely and consume 100% CPU. Version 1.4.0 patches the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33891.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33891.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33891
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23973
published_at 2026-06-13T12:55:00Z
1
value 0.00081
scoring_system epss
scoring_elements 0.23951
published_at 2026-06-14T12:55:00Z
2
value 0.00081
scoring_system epss
scoring_elements 0.23965
published_at 2026-06-12T12:55:00Z
3
value 0.00081
scoring_system epss
scoring_elements 0.23769
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33891
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33891
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33891
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452450
reference_id 2452450
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452450
4
reference_url https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023
reference_id 9bb8d67b99d17e4ebb5fd7596cd699e11f25d023
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T15:38:00Z/
url https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023
5
reference_url https://github.com/advisories/GHSA-5m6q-g25r-mvwx
reference_id GHSA-5m6q-g25r-mvwx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5m6q-g25r-mvwx
6
reference_url https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx
reference_id GHSA-5m6q-g25r-mvwx
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T15:38:00Z/
url https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx
7
reference_url https://access.redhat.com/errata/RHSA-2026:13826
reference_id RHSA-2026:13826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13826
8
reference_url https://access.redhat.com/errata/RHSA-2026:24761
reference_id RHSA-2026:24761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24761
9
reference_url https://access.redhat.com/errata/RHSA-2026:24762
reference_id RHSA-2026:24762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24762
10
reference_url https://access.redhat.com/errata/RHSA-2026:9742
reference_id RHSA-2026:9742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9742
fixed_packages
aliases CVE-2026-33891, GHSA-5m6q-g25r-mvwx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7tw-mtdc-wfd3
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/automation-gateway@2.5.20260422-3%3Farch=el9ap