{"url":"http://public2.vulnerablecode.io/api/packages/989621?format=json","purl":"pkg:npm/%40xmldom/xmldom@0.9.8","type":"npm","namespace":"@xmldom","name":"xmldom","version":"0.9.8","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.9.10","latest_non_vulnerable_version":"0.9.10","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28624?format=json","vulnerability_id":"VCID-36ef-k7sp-n3d9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41675.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41675.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41675","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06362","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41675"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41675"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/xmldom/xmldom","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/xmldom/xmldom"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41675","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41675"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13","reference_id":"0.8.13","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:43:50Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10","reference_id":"0.9.10","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:43:50Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467629","reference_id":"2467629","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467629"},{"reference_url":"https://github.com/xmldom/xmldom/commit/7207a4b0e0bcc228868075ed991665ef9f73b1c2","reference_id":"7207a4b0e0bcc228868075ed991665ef9f73b1c2","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:43:50Z/"}],"url":"https://github.com/xmldom/xmldom/commit/7207a4b0e0bcc228868075ed991665ef9f73b1c2"},{"reference_url":"https://github.com/advisories/GHSA-x6wf-f3px-wcqx","reference_id":"GHSA-x6wf-f3px-wcqx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x6wf-f3px-wcqx"},{"reference_url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx","reference_id":"GHSA-x6wf-f3px-wcqx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:43:50Z/"}],"url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373353?format=json","purl":"pkg:npm/%40xmldom/xmldom@0.9.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540xmldom/xmldom@0.9.10"}],"aliases":["CVE-2026-41675","GHSA-x6wf-f3px-wcqx"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36ef-k7sp-n3d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28621?format=json","vulnerability_id":"VCID-9aau-6eq7-fygj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41672.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41672.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41672","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23808","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41672"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41672","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41672"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/xmldom/xmldom","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/xmldom/xmldom"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41672","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41672"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13","reference_id":"0.8.13","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:11:04Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10","reference_id":"0.9.10","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:11:04Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467631","reference_id":"2467631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467631"},{"reference_url":"https://github.com/xmldom/xmldom/pull/987","reference_id":"987","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:11:04Z/"}],"url":"https://github.com/xmldom/xmldom/pull/987"},{"reference_url":"https://github.com/xmldom/xmldom/commit/b397540889086da868c30c366ad5c220d1a750c7","reference_id":"b397540889086da868c30c366ad5c220d1a750c7","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:11:04Z/"}],"url":"https://github.com/xmldom/xmldom/commit/b397540889086da868c30c366ad5c220d1a750c7"},{"reference_url":"https://github.com/xmldom/xmldom/commit/fda7cc313de30243fea35cada64e0bb12099c2a1","reference_id":"fda7cc313de30243fea35cada64e0bb12099c2a1","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:11:04Z/"}],"url":"https://github.com/xmldom/xmldom/commit/fda7cc313de30243fea35cada64e0bb12099c2a1"},{"reference_url":"https://github.com/advisories/GHSA-j759-j44w-7fr8","reference_id":"GHSA-j759-j44w-7fr8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j759-j44w-7fr8"},{"reference_url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8","reference_id":"GHSA-j759-j44w-7fr8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:11:04Z/"}],"url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373353?format=json","purl":"pkg:npm/%40xmldom/xmldom@0.9.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540xmldom/xmldom@0.9.10"}],"aliases":["CVE-2026-41672","GHSA-j759-j44w-7fr8"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9aau-6eq7-fygj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28371?format=json","vulnerability_id":"VCID-dee8-pr8u-zff7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34601.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34601","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05682","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34601"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/xmldom/xmldom","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/xmldom/xmldom"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34601","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-34601"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.8.12","reference_id":"0.8.12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T16:02:29Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.8.12"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.9.9","reference_id":"0.9.9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T16:02:29Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.9.9"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132714","reference_id":"1132714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132714"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454595","reference_id":"2454595","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454595"},{"reference_url":"https://github.com/xmldom/xmldom/commit/2b852e836ab86dbbd6cbaf0537f584dd0b5ac184","reference_id":"2b852e836ab86dbbd6cbaf0537f584dd0b5ac184","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T16:02:29Z/"}],"url":"https://github.com/xmldom/xmldom/commit/2b852e836ab86dbbd6cbaf0537f584dd0b5ac184"},{"reference_url":"https://github.com/advisories/GHSA-wh4c-j3r5-mjhp","reference_id":"GHSA-wh4c-j3r5-mjhp","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wh4c-j3r5-mjhp"},{"reference_url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp","reference_id":"GHSA-wh4c-j3r5-mjhp","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T16:02:29Z/"}],"url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373892?format=json","purl":"pkg:npm/%40xmldom/xmldom@0.9.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36ef-k7sp-n3d9"},{"vulnerability":"VCID-9aau-6eq7-fygj"},{"vulnerability":"VCID-e297-qujn-gyc2"},{"vulnerability":"VCID-gbzu-517w-d7dy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540xmldom/xmldom@0.9.9"}],"aliases":["CVE-2026-34601","GHSA-wh4c-j3r5-mjhp"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dee8-pr8u-zff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28623?format=json","vulnerability_id":"VCID-e297-qujn-gyc2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41674.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41674.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41674","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06362","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41674"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/xmldom/xmldom","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/xmldom/xmldom"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41674","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41674"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13","reference_id":"0.8.13","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T12:35:22Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10","reference_id":"0.9.10","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T12:35:22Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467620","reference_id":"2467620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467620"},{"reference_url":"https://github.com/xmldom/xmldom/commit/372008f9ae0e20fd69f761c7b79e202598267314","reference_id":"372008f9ae0e20fd69f761c7b79e202598267314","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T12:35:22Z/"}],"url":"https://github.com/xmldom/xmldom/commit/372008f9ae0e20fd69f761c7b79e202598267314"},{"reference_url":"https://github.com/advisories/GHSA-f6ww-3ggp-fr8h","reference_id":"GHSA-f6ww-3ggp-fr8h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f6ww-3ggp-fr8h"},{"reference_url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h","reference_id":"GHSA-f6ww-3ggp-fr8h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T12:35:22Z/"}],"url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20034","reference_id":"RHSA-2026:20034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21338","reference_id":"RHSA-2026:21338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21703","reference_id":"RHSA-2026:21703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21703"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373353?format=json","purl":"pkg:npm/%40xmldom/xmldom@0.9.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540xmldom/xmldom@0.9.10"}],"aliases":["CVE-2026-41674","GHSA-f6ww-3ggp-fr8h"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e297-qujn-gyc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28622?format=json","vulnerability_id":"VCID-gbzu-517w-d7dy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41673.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41673.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41673","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13616","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41673"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/xmldom/xmldom","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/xmldom/xmldom"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41673","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41673"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13","reference_id":"0.8.13","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.8.13"},{"reference_url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10","reference_id":"0.9.10","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/releases/tag/0.9.10"},{"reference_url":"https://github.com/xmldom/xmldom/commit/17678a2a73ecbd1a2da90f3d47dc23da9cef81aa","reference_id":"17678a2a73ecbd1a2da90f3d47dc23da9cef81aa","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/17678a2a73ecbd1a2da90f3d47dc23da9cef81aa"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467630","reference_id":"2467630","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467630"},{"reference_url":"https://github.com/xmldom/xmldom/commit/291257493cb0eb6980eda83b162a9c4e6d7d2597","reference_id":"291257493cb0eb6980eda83b162a9c4e6d7d2597","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/291257493cb0eb6980eda83b162a9c4e6d7d2597"},{"reference_url":"https://github.com/xmldom/xmldom/commit/2d6d6916ed8a4c223db1f6d7560ab4544c465b0f","reference_id":"2d6d6916ed8a4c223db1f6d7560ab4544c465b0f","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/2d6d6916ed8a4c223db1f6d7560ab4544c465b0f"},{"reference_url":"https://github.com/xmldom/xmldom/commit/430357c7b6333108856e917bf2367afe5ceb6f8a","reference_id":"430357c7b6333108856e917bf2367afe5ceb6f8a","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/430357c7b6333108856e917bf2367afe5ceb6f8a"},{"reference_url":"https://github.com/xmldom/xmldom/commit/4845ef109221df0890825de2822fbe77afba3afe","reference_id":"4845ef109221df0890825de2822fbe77afba3afe","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/4845ef109221df0890825de2822fbe77afba3afe"},{"reference_url":"https://github.com/xmldom/xmldom/commit/8834218c85ac2a4d757b9587c9028e67c2f7b6c3","reference_id":"8834218c85ac2a4d757b9587c9028e67c2f7b6c3","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/8834218c85ac2a4d757b9587c9028e67c2f7b6c3"},{"reference_url":"https://github.com/xmldom/xmldom/commit/8b7cfd1491314abdc347261921d7334ff15f7112","reference_id":"8b7cfd1491314abdc347261921d7334ff15f7112","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/8b7cfd1491314abdc347261921d7334ff15f7112"},{"reference_url":"https://github.com/xmldom/xmldom/commit/b0620383abc1df067f3ce1014c43ae1bc1161eeb","reference_id":"b0620383abc1df067f3ce1014c43ae1bc1161eeb","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/b0620383abc1df067f3ce1014c43ae1bc1161eeb"},{"reference_url":"https://github.com/xmldom/xmldom/commit/e6edcab6bef5bcdba0b220bb35442aa72f452b84","reference_id":"e6edcab6bef5bcdba0b220bb35442aa72f452b84","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/commit/e6edcab6bef5bcdba0b220bb35442aa72f452b84"},{"reference_url":"https://github.com/advisories/GHSA-2v35-w6hq-6mfw","reference_id":"GHSA-2v35-w6hq-6mfw","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2v35-w6hq-6mfw"},{"reference_url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw","reference_id":"GHSA-2v35-w6hq-6mfw","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T14:08:40Z/"}],"url":"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373353?format=json","purl":"pkg:npm/%40xmldom/xmldom@0.9.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540xmldom/xmldom@0.9.10"}],"aliases":["CVE-2026-41673","GHSA-2v35-w6hq-6mfw"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gbzu-517w-d7dy"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540xmldom/xmldom@0.9.8"}