Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-u99z-h86h-1fbu
SummaryAn unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.
Aliases
0
alias CVE-2026-23923
Fixed_packages
0
url pkg:deb/debian/zabbix@0?distro=trixie
purl pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie
1
url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-53f2-uzt4-pqgs
2
vulnerability VCID-8zqh-3xt2-nbdq
3
vulnerability VCID-bff2-nhum-ckhj
4
vulnerability VCID-dr1v-72p6-2yhn
5
vulnerability VCID-frdw-trch-uufq
6
vulnerability VCID-gapt-kwkw-kkek
7
vulnerability VCID-gj5s-dde8-1ubx
8
vulnerability VCID-nv7m-hsr3-17gk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18kh-njx3-p7aw
1
vulnerability VCID-21tq-54r3-cqec
2
vulnerability VCID-2jas-5kc1-puat
3
vulnerability VCID-35gu-ctk8-2yd2
4
vulnerability VCID-3azv-fsyx-n3fz
5
vulnerability VCID-3stx-z7ze-wbe8
6
vulnerability VCID-53f2-uzt4-pqgs
7
vulnerability VCID-547k-dyst-k3gx
8
vulnerability VCID-5t3t-6uqs-akbk
9
vulnerability VCID-75fb-vhhc-fbe8
10
vulnerability VCID-7ajm-my3d-7fgy
11
vulnerability VCID-8eb9-mxpg-5kf2
12
vulnerability VCID-8zqh-3xt2-nbdq
13
vulnerability VCID-ambh-afzs-2kg9
14
vulnerability VCID-beqm-vczf-dqgj
15
vulnerability VCID-bff2-nhum-ckhj
16
vulnerability VCID-buz8-zycr-tbh2
17
vulnerability VCID-dr1v-72p6-2yhn
18
vulnerability VCID-fefk-6mjh-67fm
19
vulnerability VCID-frdw-trch-uufq
20
vulnerability VCID-gapt-kwkw-kkek
21
vulnerability VCID-gj5s-dde8-1ubx
22
vulnerability VCID-h5fw-ktc6-rqd3
23
vulnerability VCID-hhsz-ba47-zka4
24
vulnerability VCID-jate-jey2-n3g1
25
vulnerability VCID-jkcz-zpks-ubgz
26
vulnerability VCID-jked-29nn-tqe3
27
vulnerability VCID-jx4z-thz3-rbdw
28
vulnerability VCID-jy3a-zvh4-b3ag
29
vulnerability VCID-kfz9-wq8k-nkb3
30
vulnerability VCID-m5us-tmqh-wkbm
31
vulnerability VCID-mpy5-d7qa-u7fz
32
vulnerability VCID-n38c-6usb-tkgq
33
vulnerability VCID-nv7m-hsr3-17gk
34
vulnerability VCID-pgj4-u64z-17bt
35
vulnerability VCID-pr1g-m4k2-1ue1
36
vulnerability VCID-sc8u-4w9c-23ev
37
vulnerability VCID-t864-v2g6-jbhk
38
vulnerability VCID-tbsd-gk6n-9ygc
39
vulnerability VCID-u4hp-dwsj-53b9
40
vulnerability VCID-ubyg-pbmy-ekds
41
vulnerability VCID-vuzz-by1n-aff9
42
vulnerability VCID-w384-t6ne-s3g7
43
vulnerability VCID-w4dd-77t2-wuc7
44
vulnerability VCID-wurt-zx5x-8kds
45
vulnerability VCID-wv5n-ccn5-fqc2
46
vulnerability VCID-xaqm-x1w4-s3hn
47
vulnerability VCID-xwr8-85au-ukd7
48
vulnerability VCID-ytep-z8dn-vfh7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
purl pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23923
reference_id
reference_type
scores
0
value 0.0011
scoring_system epss
scoring_elements 0.29017
published_at 2026-06-05T12:55:00Z
1
value 0.0011
scoring_system epss
scoring_elements 0.28983
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23923
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://support.zabbix.com/browse/ZBX-27641
reference_id ZBX-27641
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:53Z/
url https://support.zabbix.com/browse/ZBX-27641
Weaknesses
0
cwe_id 470
name Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
description The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.
Exploits
Severity_range_score5.3 - 6.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-u99z-h86h-1fbu