Publish Advisories

GHSA-p76p-fh7v-f8jw
GHSA-hp9p-9hpg-4rpv
GHSA-29gc-r2qh-wc5v
GHSA-2v8h-5826-r95p
GHSA-4wq3-r6vg-34q5
GHSA-7r2g-px2q-wrcx
GHSA-7x99-8x99-xc54
GHSA-88jg-rrgx-r8v9
GHSA-8mvr-hqm9-fqrf
GHSA-9ccr-8mmh-vx6x
GHSA-c7qp-pc4p-62xw
GHSA-c97g-77hh-hcrq
GHSA-crr3-w29j-c6x6
GHSA-f2cj-whwv-wjfw
GHSA-f3vq-4x38-vg3x
GHSA-hj59-mf6x-2j8w
GHSA-hw59-9cp8-jmr3
GHSA-j3jp-gmvh-ppvr
GHSA-mw8h-g64c-rxv4
GHSA-r8x9-f3r5-3x8j

Author: advisory-database[bot]

advisories/unreviewed/2025/09/GHSA-p76p-fh7v-f8jw/GHSA-p76p-fh7v-f8jw.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p76p-fh7v-f8jw",
-  "modified": "2025-11-03T18:31:39Z",
+  "modified": "2026-01-10T00:30:27Z",
   "published": "2025-09-05T18:31:25Z",
   "aliases": [
     "CVE-2025-38732"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject: don't leak dst refcount for loopback packets\n\nrecent patches to add a WARN() when replacing skb dst entry found an\nold bug:\n\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\n[..]\nCall Trace:\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\n ..\n\nThis is because blamed commit forgot about loopback packets.\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\n\nInstead of checking hook just check if the skb already has a route\nattached to it.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -53,7 +58,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-09-05T18:15:42Z"

advisories/unreviewed/2025/12/GHSA-hp9p-9hpg-4rpv/GHSA-hp9p-9hpg-4rpv.json

@@ -46,7 +46,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-74"
+      "CWE-74",
+      "CWE-89"
     ],
     "severity": "MODERATE",
     "github_reviewed": false,

advisories/unreviewed/2026/01/GHSA-29gc-r2qh-wc5v/GHSA-29gc-r2qh-wc5v.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-29gc-r2qh-wc5v",
+  "modified": "2026-01-10T00:30:30Z",
+  "published": "2026-01-10T00:30:30Z",
+  "aliases": [
+    "CVE-2025-46299"
+  ],
+  "details": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may disclose internal states of the app.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46299"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/125884"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/125886"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/125889"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/125890"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/125891"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/125892"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-284"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-09T22:15:59Z"
+  }
+}

advisories/unreviewed/2026/01/GHSA-2v8h-5826-r95p/GHSA-2v8h-5826-r95p.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2v8h-5826-r95p",
-  "modified": "2026-01-09T21:31:35Z",
+  "modified": "2026-01-10T00:30:29Z",
   "published": "2026-01-09T21:31:35Z",
   "aliases": [
     "CVE-2025-66715"
   ],
   "details": "A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary code via a crafted DLL file.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-77"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-01-09T20:15:51Z"

advisories/unreviewed/2026/01/GHSA-4wq3-r6vg-34q5/GHSA-4wq3-r6vg-34q5.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4wq3-r6vg-34q5",
+  "modified": "2026-01-10T00:30:31Z",
+  "published": "2026-01-10T00:30:30Z",
+  "aliases": [
+    "CVE-2025-62487"
+  ],
+  "details": "### Details\nOn October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts (e.g. other dossiers and presentations).\n\nOn deployments configured with CBAC, the front-end would present a security picker dialog to set the security level on the uploads, thereby mitigating the issue.\n\nOn deployments without a CBAC configuration, no security picker dialog appears, leading to a security level of CUSTOM with no markings or datasets selected. The resulting markings and groups for the file uploads thus will be only those added by the “Default authorization rules” defined in the Auth Chooser configuration. On most environments, it is expected that the “Default authorization rules\" only add the Everyone group.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62487"
+    },
+    {
+      "type": "WEB",
+      "url": "https://palantir.safebase.us/?tcuUid=c91a1b4f-72e7-4959-9e2d-3a341e5c7a1f"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-863"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-09T22:16:00Z"
+  }
+}

advisories/unreviewed/2026/01/GHSA-7r2g-px2q-wrcx/GHSA-7r2g-px2q-wrcx.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7r2g-px2q-wrcx",
-  "modified": "2026-01-09T21:31:35Z",
+  "modified": "2026-01-10T00:30:29Z",
   "published": "2026-01-09T21:31:35Z",
   "aliases": [
     "CVE-2025-67810"
   ],
   "details": "In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 (#7254) and further versions.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-125"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-01-09T20:15:51Z"

advisories/unreviewed/2026/01/GHSA-7x99-8x99-xc54/GHSA-7x99-8x99-xc54.json

@@ -0,0 +1,31 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7x99-8x99-xc54",
+  "modified": "2026-01-10T00:30:31Z",
+  "published": "2026-01-10T00:30:30Z",
+  "aliases": [
+    "CVE-2026-22584"
+  ],
+  "details": "Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22584"
+    },
+    {
+      "type": "WEB",
+      "url": "https://help.salesforce.com/s/articleView?id=005239354&type=1"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-94"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-09T22:16:01Z"
+  }
+}

advisories/unreviewed/2026/01/GHSA-88jg-rrgx-r8v9/GHSA-88jg-rrgx-r8v9.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-88jg-rrgx-r8v9",
-  "modified": "2026-01-09T21:31:35Z",
+  "modified": "2026-01-10T00:30:29Z",
   "published": "2026-01-09T21:31:35Z",
   "aliases": [
     "CVE-2025-51626"
   ],
   "details": "SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancel_order.php endpoint.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-01-09T21:16:13Z"

advisories/unreviewed/2026/01/GHSA-8mvr-hqm9-fqrf/GHSA-8mvr-hqm9-fqrf.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-8mvr-hqm9-fqrf",
+  "modified": "2026-01-10T00:30:30Z",
+  "published": "2026-01-10T00:30:30Z",
+  "aliases": [
+    "CVE-2025-15499"
+  ],
+  "details": "A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file VersionController.java. The manipulation of the argument filename leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15499"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/master-abc/cve/issues/10"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/master-abc/cve/issues/10#issue-3770540830"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.340344"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.340344"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.727207"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-77"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-09T22:15:58Z"
+  }
+}

advisories/unreviewed/2026/01/GHSA-9ccr-8mmh-vx6x/GHSA-9ccr-8mmh-vx6x.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-9ccr-8mmh-vx6x",
+  "modified": "2026-01-10T00:30:30Z",
+  "published": "2026-01-10T00:30:30Z",
+  "aliases": [
+    "CVE-2025-46286"
+  ],
+  "details": "A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS 26.2. Restoring from a backup may prevent passcode from being required immediately after Face ID enrollment.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46286"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/125884"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-288"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-09T22:15:59Z"
+  }
+}