Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-frdw-trch-uufq
SummaryHost and event action script input is validated with a regex (set by the administrator), but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands.
Aliases
0
alias CVE-2026-23920
Fixed_packages
0
url pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1
purl pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1
1
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie
2
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1
purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-21tq-54r3-cqec
2
vulnerability VCID-35gu-ctk8-2yd2
3
vulnerability VCID-4c5a-bddp-pka5
4
vulnerability VCID-53f2-uzt4-pqgs
5
vulnerability VCID-5t3t-6uqs-akbk
6
vulnerability VCID-75fb-vhhc-fbe8
7
vulnerability VCID-8zqh-3xt2-nbdq
8
vulnerability VCID-ambh-afzs-2kg9
9
vulnerability VCID-bff2-nhum-ckhj
10
vulnerability VCID-bm7b-qurk-2qdk
11
vulnerability VCID-dr1v-72p6-2yhn
12
vulnerability VCID-frdw-trch-uufq
13
vulnerability VCID-gapt-kwkw-kkek
14
vulnerability VCID-gj5s-dde8-1ubx
15
vulnerability VCID-jate-jey2-n3g1
16
vulnerability VCID-jcd1-hyep-c3h3
17
vulnerability VCID-jked-29nn-tqe3
18
vulnerability VCID-nv7m-hsr3-17gk
19
vulnerability VCID-sc8u-4w9c-23ev
20
vulnerability VCID-t864-v2g6-jbhk
21
vulnerability VCID-tt47-6swy-n3cw
22
vulnerability VCID-wv5n-ccn5-fqc2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1
1
url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-53f2-uzt4-pqgs
2
vulnerability VCID-8zqh-3xt2-nbdq
3
vulnerability VCID-bff2-nhum-ckhj
4
vulnerability VCID-dr1v-72p6-2yhn
5
vulnerability VCID-frdw-trch-uufq
6
vulnerability VCID-gapt-kwkw-kkek
7
vulnerability VCID-gj5s-dde8-1ubx
8
vulnerability VCID-nv7m-hsr3-17gk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1
purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-21tq-54r3-cqec
2
vulnerability VCID-2jas-5kc1-puat
3
vulnerability VCID-35gu-ctk8-2yd2
4
vulnerability VCID-3azv-fsyx-n3fz
5
vulnerability VCID-3stx-z7ze-wbe8
6
vulnerability VCID-53f2-uzt4-pqgs
7
vulnerability VCID-547k-dyst-k3gx
8
vulnerability VCID-5t3t-6uqs-akbk
9
vulnerability VCID-75fb-vhhc-fbe8
10
vulnerability VCID-7ajm-my3d-7fgy
11
vulnerability VCID-8eb9-mxpg-5kf2
12
vulnerability VCID-8zqh-3xt2-nbdq
13
vulnerability VCID-ambh-afzs-2kg9
14
vulnerability VCID-beqm-vczf-dqgj
15
vulnerability VCID-bff2-nhum-ckhj
16
vulnerability VCID-buz8-zycr-tbh2
17
vulnerability VCID-dr1v-72p6-2yhn
18
vulnerability VCID-fefk-6mjh-67fm
19
vulnerability VCID-frdw-trch-uufq
20
vulnerability VCID-gapt-kwkw-kkek
21
vulnerability VCID-gj5s-dde8-1ubx
22
vulnerability VCID-h5fw-ktc6-rqd3
23
vulnerability VCID-hhsz-ba47-zka4
24
vulnerability VCID-jate-jey2-n3g1
25
vulnerability VCID-jkcz-zpks-ubgz
26
vulnerability VCID-jked-29nn-tqe3
27
vulnerability VCID-jx4z-thz3-rbdw
28
vulnerability VCID-jy3a-zvh4-b3ag
29
vulnerability VCID-kfz9-wq8k-nkb3
30
vulnerability VCID-m5us-tmqh-wkbm
31
vulnerability VCID-mpy5-d7qa-u7fz
32
vulnerability VCID-n38c-6usb-tkgq
33
vulnerability VCID-nv7m-hsr3-17gk
34
vulnerability VCID-pgj4-u64z-17bt
35
vulnerability VCID-pr1g-m4k2-1ue1
36
vulnerability VCID-sc8u-4w9c-23ev
37
vulnerability VCID-t864-v2g6-jbhk
38
vulnerability VCID-tbsd-gk6n-9ygc
39
vulnerability VCID-u4hp-dwsj-53b9
40
vulnerability VCID-ubyg-pbmy-ekds
41
vulnerability VCID-vuzz-by1n-aff9
42
vulnerability VCID-w384-t6ne-s3g7
43
vulnerability VCID-w4dd-77t2-wuc7
44
vulnerability VCID-wurt-zx5x-8kds
45
vulnerability VCID-wv5n-ccn5-fqc2
46
vulnerability VCID-xaqm-x1w4-s3hn
47
vulnerability VCID-xwr8-85au-ukd7
48
vulnerability VCID-ytep-z8dn-vfh7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1
3
url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-21tq-54r3-cqec
2
vulnerability VCID-2jas-5kc1-puat
3
vulnerability VCID-35gu-ctk8-2yd2
4
vulnerability VCID-3azv-fsyx-n3fz
5
vulnerability VCID-3stx-z7ze-wbe8
6
vulnerability VCID-53f2-uzt4-pqgs
7
vulnerability VCID-547k-dyst-k3gx
8
vulnerability VCID-5t3t-6uqs-akbk
9
vulnerability VCID-75fb-vhhc-fbe8
10
vulnerability VCID-7ajm-my3d-7fgy
11
vulnerability VCID-8eb9-mxpg-5kf2
12
vulnerability VCID-8zqh-3xt2-nbdq
13
vulnerability VCID-ambh-afzs-2kg9
14
vulnerability VCID-beqm-vczf-dqgj
15
vulnerability VCID-bff2-nhum-ckhj
16
vulnerability VCID-buz8-zycr-tbh2
17
vulnerability VCID-dr1v-72p6-2yhn
18
vulnerability VCID-fefk-6mjh-67fm
19
vulnerability VCID-frdw-trch-uufq
20
vulnerability VCID-gapt-kwkw-kkek
21
vulnerability VCID-gj5s-dde8-1ubx
22
vulnerability VCID-h5fw-ktc6-rqd3
23
vulnerability VCID-hhsz-ba47-zka4
24
vulnerability VCID-jate-jey2-n3g1
25
vulnerability VCID-jkcz-zpks-ubgz
26
vulnerability VCID-jked-29nn-tqe3
27
vulnerability VCID-jx4z-thz3-rbdw
28
vulnerability VCID-jy3a-zvh4-b3ag
29
vulnerability VCID-kfz9-wq8k-nkb3
30
vulnerability VCID-m5us-tmqh-wkbm
31
vulnerability VCID-mpy5-d7qa-u7fz
32
vulnerability VCID-n38c-6usb-tkgq
33
vulnerability VCID-nv7m-hsr3-17gk
34
vulnerability VCID-pgj4-u64z-17bt
35
vulnerability VCID-pr1g-m4k2-1ue1
36
vulnerability VCID-sc8u-4w9c-23ev
37
vulnerability VCID-t864-v2g6-jbhk
38
vulnerability VCID-tbsd-gk6n-9ygc
39
vulnerability VCID-u4hp-dwsj-53b9
40
vulnerability VCID-ubyg-pbmy-ekds
41
vulnerability VCID-vuzz-by1n-aff9
42
vulnerability VCID-w384-t6ne-s3g7
43
vulnerability VCID-w4dd-77t2-wuc7
44
vulnerability VCID-wurt-zx5x-8kds
45
vulnerability VCID-wv5n-ccn5-fqc2
46
vulnerability VCID-xaqm-x1w4-s3hn
47
vulnerability VCID-xwr8-85au-ukd7
48
vulnerability VCID-ytep-z8dn-vfh7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23920
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.21608
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23920
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23920
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23920
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://support.zabbix.com/browse/ZBX-27639
reference_id ZBX-27639
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T19:24:03Z/
url https://support.zabbix.com/browse/ZBX-27639
Weaknesses
0
cwe_id 78
name Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Exploits
Severity_range_score7.7 - 8.8
Exploitability0.5
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-frdw-trch-uufq