github
diff --git a/‎advisories/unreviewed/2023/12/GHSA-6x7c-m4cm-f7rp/GHSA-6x7c-m4cm-f7rp.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2023/12/GHSA-6x7c-m4cm-f7rp/GHSA-6x7c-m4cm-f7rp.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2023/12/GHSA-88m5-rfvg-rhq2/GHSA-88m5-rfvg-rhq2.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2023/12/GHSA-88m5-rfvg-rhq2/GHSA-88m5-rfvg-rhq2.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2023/12/GHSA-fpr5-pmwh-c27h/GHSA-fpr5-pmwh-c27h.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2023/12/GHSA-fpr5-pmwh-c27h/GHSA-fpr5-pmwh-c27h.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2023/12/GHSA-mh75-hrg8-8qhx/GHSA-mh75-hrg8-8qhx.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2023/12/GHSA-mh75-hrg8-8qhx/GHSA-mh75-hrg8-8qhx.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2023/12/GHSA-phgv-cmcv-w837/GHSA-phgv-cmcv-w837.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2023/12/GHSA-phgv-cmcv-w837/GHSA-phgv-cmcv-w837.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2023/12/GHSA-v4xf-p739-569h/GHSA-v4xf-p739-569h.json‎
Lines changed: 2 additions & 2 deletions b/‎advisories/unreviewed/2023/12/GHSA-v4xf-p739-569h/GHSA-v4xf-p739-569h.json‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎advisories/unreviewed/2025/04/GHSA-535p-c89j-pqj5/GHSA-535p-c89j-pqj5.json‎
Lines changed: 3 additions & 1 deletion b/‎advisories/unreviewed/2025/04/GHSA-535p-c89j-pqj5/GHSA-535p-c89j-pqj5.json‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎advisories/unreviewed/2025/07/GHSA-3pvj-q7qj-89fg/GHSA-3pvj-q7qj-89fg.json‎
Lines changed: 5 additions & 1 deletion b/‎advisories/unreviewed/2025/07/GHSA-3pvj-q7qj-89fg/GHSA-3pvj-q7qj-89fg.json‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎advisories/unreviewed/2025/09/GHSA-3rrf-jrxv-9vpm/GHSA-3rrf-jrxv-9vpm.json‎
Lines changed: 8 additions & 3 deletions b/‎advisories/unreviewed/2025/09/GHSA-3rrf-jrxv-9vpm/GHSA-3rrf-jrxv-9vpm.json‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎advisories/unreviewed/2025/09/GHSA-5jqr-8vwq-w36c/GHSA-5jqr-8vwq-w36c.json‎
Lines changed: 11 additions & 4 deletions b/‎advisories/unreviewed/2025/09/GHSA-5jqr-8vwq-w36c/GHSA-5jqr-8vwq-w36c.json‎
Lines changed: 11 additions & 4 deletions
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6x7c-m4cm-f7rp",
-  "modified": "2023-12-29T03:30:29Z",
+  "modified": "2026-01-27T18:32:04Z",
   "published": "2023-12-29T03:30:29Z",
   "aliases": [
     "CVE-2023-23436"
   ],
-  "details": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n\n\n\n",
+  "details": "Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-88m5-rfvg-rhq2",
-  "modified": "2023-12-29T06:30:29Z",
+  "modified": "2026-01-27T18:32:05Z",
   "published": "2023-12-29T06:30:29Z",
   "aliases": [
     "CVE-2023-23442"
   ],
-  "details": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n",
+  "details": "Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fpr5-pmwh-c27h",
-  "modified": "2023-12-29T03:30:29Z",
+  "modified": "2026-01-27T18:32:04Z",
   "published": "2023-12-29T03:30:29Z",
   "aliases": [
     "CVE-2023-23429"
   ],
-  "details": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n",
+  "details": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mh75-hrg8-8qhx",
-  "modified": "2023-12-29T03:30:29Z",
+  "modified": "2026-01-27T18:32:04Z",
   "published": "2023-12-29T03:30:29Z",
   "aliases": [
     "CVE-2023-23428"
   ],
-  "details": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n",
+  "details": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-phgv-cmcv-w837",
-  "modified": "2023-12-29T03:30:28Z",
+  "modified": "2026-01-27T18:32:04Z",
   "published": "2023-12-29T03:30:28Z",
   "aliases": [
     "CVE-2023-23435"
   ],
-  "details": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n",
+  "details": "Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-v4xf-p739-569h",
-  "modified": "2023-12-29T03:30:29Z",
+  "modified": "2026-01-27T18:32:04Z",
   "published": "2023-12-29T03:30:29Z",
   "aliases": [
     "CVE-2023-23427"
   ],
-  "details": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n",
+  "details": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.",
   "severity": [
     {
       "type": "CVSS_V3",
 
@@ -25,7 +25,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-922"
+    ],
     "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
 
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3pvj-q7qj-89fg",
-  "modified": "2026-01-22T21:33:43Z",
+  "modified": "2026-01-27T18:32:05Z",
   "published": "2025-07-07T15:30:39Z",
   "aliases": [
     "CVE-2025-5987"
@@ -47,6 +47,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:0702"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:0978"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-5987"
 
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3rrf-jrxv-9vpm",
-  "modified": "2025-11-03T18:31:39Z",
+  "modified": "2026-01-27T18:32:05Z",
   "published": "2025-09-05T18:31:26Z",
   "aliases": [
     "CVE-2025-39687"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: as73211: Ensure buffer holes are zeroed\n\nGiven that the buffer is copied to a kfifo that ultimately user space\ncan read, ensure we zero it.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -53,7 +58,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-09-05T18:15:45Z"
 
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5jqr-8vwq-w36c",
-  "modified": "2025-11-03T18:31:38Z",
+  "modified": "2026-01-27T18:32:05Z",
   "published": "2025-09-05T18:31:16Z",
   "aliases": [
     "CVE-2025-38708"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrbd: add missing kref_get in handle_write_conflicts\n\nWith `two-primaries` enabled, DRBD tries to detect \"concurrent\" writes\nand handle write conflicts, so that even if you write to the same sector\nsimultaneously on both nodes, they end up with the identical data once\nthe writes are completed.\n\nIn handling \"superseeded\" writes, we forgot a kref_get,\nresulting in a premature drbd_destroy_device and use after free,\nand further to kernel crashes with symptoms.\n\nRelevance: No one should use DRBD as a random data generator, and apparently\nall users of \"two-primaries\" handle concurrent writes correctly on layer up.\nThat is cluster file systems use some distributed lock manager,\nand live migration in virtualization environments stops writes on one node\nbefore starting writes on the other node.\n\nWhich means that other than for \"test cases\",\nthis code path is never taken in real life.\n\nFYI, in DRBD 9, things are handled differently nowadays.  We still detect\n\"write conflicts\", but no longer try to be smart about them.\nWe decided to disconnect hard instead: upper layers must not submit concurrent\nwrites. If they do, that's their fault.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -60,8 +65,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-416"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-09-04T16:15:39Z"