{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/351596?format=json","vulnerability_id":"VCID-m2qr-wk7f-8uda","summary":"","aliases":[{"alias":"CVE-2026-40223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/940463?format=json","purl":"pkg:deb/debian/systemd@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940442?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4eyp-2xve-qugd"},{"vulnerability":"VCID-4n47-ffax-sbdu"},{"vulnerability":"VCID-cgv9-wdwy-5qfu"},{"vulnerability":"VCID-fp54-ff23-vbb5"},{"vulnerability":"VCID-hwg6-vaus-cfa2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940440?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4eyp-2xve-qugd"},{"vulnerability":"VCID-4n47-ffax-sbdu"},{"vulnerability":"VCID-fp54-ff23-vbb5"},{"vulnerability":"VCID-hwg6-vaus-cfa2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940444?format=json","purl":"pkg:deb/debian/systemd@257.9-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4eyp-2xve-qugd"},{"vulnerability":"VCID-4n47-ffax-sbdu"},{"vulnerability":"VCID-fp54-ff23-vbb5"},{"vulnerability":"VCID-hwg6-vaus-cfa2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@257.9-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062542?format=json","purl":"pkg:deb/debian/systemd@260~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@260~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/940443?format=json","purl":"pkg:deb/debian/systemd@260.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@260.1-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1072982?format=json","purl":"pkg:rpm/redhat/systemd-main@260.1-2.1?arch=hum1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4eyp-2xve-qugd"},{"vulnerability":"VCID-fp54-ff23-vbb5"},{"vulnerability":"VCID-fq31-vafy-a3ex"},{"vulnerability":"VCID-hwg6-vaus-cfa2"},{"vulnerability":"VCID-m2qr-wk7f-8uda"},{"vulnerability":"VCID-sejj-hs68-n3gs"},{"vulnerability":"VCID-v7z5-xs49-r3ar"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/systemd-main@260.1-2.1%3Farch=hum1"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40223.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40223.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40223","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02077","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02091","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02072","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02828","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02847","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0284","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02735","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40223"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457318","reference_id":"2457318","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457318"},{"reference_url":"https://github.com/systemd/systemd/security/advisories/GHSA-x4h8-rrrg-q78f","reference_id":"GHSA-x4h8-rrrg-q78f","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T03:25:05Z/"}],"url":"https://github.com/systemd/systemd/security/advisories/GHSA-x4h8-rrrg-q78f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7299","reference_id":"RHSA-2026:7299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7299"}],"weaknesses":[{"cwe_id":617,"name":"Reachable Assertion","description":"The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary."},{"cwe_id":696,"name":"Incorrect Behavior Order","description":"The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses."}],"exploits":[],"severity_range_score":"4.7 - 4.7","exploitability":"0.5","weighted_severity":"4.2","risk_score":2.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2qr-wk7f-8uda"}