Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-pte7-qsjh-fbg1
Vulnerability ID VCID-pte7-qsjh-fbg1
Aliases CVE-2021-39165
GHSA-79mg-4w23-4fqc
Summary
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-287 Improper Authentication
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.80411 https://api.first.org/data/v1/epss?cve=CVE-2021-39165
epss 0.80411 https://api.first.org/data/v1/epss?cve=CVE-2021-39165
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-79mg-4w23-4fqc
cvssv3.1 8.1 https://github.com/fiveai/Cachet/commit/27bca8280419966ba80c6fa283d985ddffa84bb6
generic_textual HIGH https://github.com/fiveai/Cachet/commit/27bca8280419966ba80c6fa283d985ddffa84bb6
cvssv3.1 8.1 https://github.com/fiveai/Cachet/security/advisories/GHSA-79mg-4w23-4fqc
cvssv3.1_qr HIGH https://github.com/fiveai/Cachet/security/advisories/GHSA-79mg-4w23-4fqc
generic_textual HIGH https://github.com/fiveai/Cachet/security/advisories/GHSA-79mg-4w23-4fqc
cvssv3.1 8.1 https://nvd.nist.gov/vuln/detail/CVE-2021-39165
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2021-39165
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2021-39165
https://github.com/fiveai/Cachet/commit/27bca8280419966ba80c6fa283d985ddffa84bb6
https://github.com/fiveai/Cachet/security/advisories/GHSA-79mg-4w23-4fqc
https://nvd.nist.gov/vuln/detail/CVE-2021-39165
GHSA-79mg-4w23-4fqc https://github.com/advisories/GHSA-79mg-4w23-4fqc
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://github.com/fiveai/Cachet/commit/27bca8280419966ba80c6fa283d985ddffa84bb6
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://github.com/fiveai/Cachet/security/advisories/GHSA-79mg-4w23-4fqc
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-39165
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.99151
EPSS Score 0.80411
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-12T02:02:15.542615+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0