Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 4fc3c98e2b5e · 2026-01-30T06:31:37.000Z
GHSA-7cmq-hgvr-hmwp GHSA-mhm4-qp75-jmxw GHSA-p4wg-48wq-x28w GHSA-rw77-76p7-66x5 GHSA-v8qv-xx7v-pc2c GHSA-g6gp-xc9x-p59q GHSA-345h-g8ww-x3jg GHSA-3qgf-wxfj-pf5j GHSA-5q87-jcg7-9vrx GHSA-7x8r-3fp7-rjm3 GHSA-fr4w-97qg-9f45 GHSA-gcgg-59wq-55r2 GHSA-j9qc-jfwp-9x62 GHSA-jf99-74qp-89mx GHSA-q5hf-m4v3-72f4 GHSA-rcw8-rm48-wjhg GHSA-wqwp-c8g7-73q2
diff --git a/advisories/unreviewed/2025/09/GHSA-7cmq-hgvr-hmwp/GHSA-7cmq-hgvr-hmwp.json b/advisories/unreviewed/2025/09/GHSA-7cmq-hgvr-hmwp/GHSA-7cmq-hgvr-hmwp.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7cmq-hgvr-hmwp",
-  "modified": "2025-09-25T15:30:23Z",
+  "modified": "2026-01-30T06:30:15Z",
   "published": "2025-09-25T15:30:23Z",
   "aliases": [
     "CVE-2025-54943"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://zuso.ai/advisory"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2025-11"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2025/09/GHSA-mhm4-qp75-jmxw/GHSA-mhm4-qp75-jmxw.json b/advisories/unreviewed/2025/09/GHSA-mhm4-qp75-jmxw/GHSA-mhm4-qp75-jmxw.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mhm4-qp75-jmxw",
-  "modified": "2025-09-25T15:30:23Z",
+  "modified": "2026-01-30T06:30:15Z",
   "published": "2025-09-25T15:30:23Z",
   "aliases": [
     "CVE-2025-54945"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://zuso.ai/advisory"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2025-13"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2025/09/GHSA-p4wg-48wq-x28w/GHSA-p4wg-48wq-x28w.json b/advisories/unreviewed/2025/09/GHSA-p4wg-48wq-x28w/GHSA-p4wg-48wq-x28w.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p4wg-48wq-x28w",
-  "modified": "2025-09-25T15:30:23Z",
+  "modified": "2026-01-30T06:30:15Z",
   "published": "2025-09-25T15:30:23Z",
   "aliases": [
     "CVE-2025-54944"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://zuso.ai/advisory"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2025-12"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2025/09/GHSA-rw77-76p7-66x5/GHSA-rw77-76p7-66x5.json b/advisories/unreviewed/2025/09/GHSA-rw77-76p7-66x5/GHSA-rw77-76p7-66x5.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-rw77-76p7-66x5",
-  "modified": "2025-09-25T15:30:23Z",
+  "modified": "2026-01-30T06:30:15Z",
   "published": "2025-09-25T15:30:22Z",
   "aliases": [
     "CVE-2025-54942"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://zuso.ai/advisory"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2025-10"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2025/09/GHSA-v8qv-xx7v-pc2c/GHSA-v8qv-xx7v-pc2c.json b/advisories/unreviewed/2025/09/GHSA-v8qv-xx7v-pc2c/GHSA-v8qv-xx7v-pc2c.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-v8qv-xx7v-pc2c",
-  "modified": "2025-09-25T15:30:23Z",
+  "modified": "2026-01-30T06:30:15Z",
   "published": "2025-09-25T15:30:23Z",
   "aliases": [
     "CVE-2025-54946"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://zuso.ai/advisory"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2025-14"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2025/10/GHSA-g6gp-xc9x-p59q/GHSA-g6gp-xc9x-p59q.json b/advisories/unreviewed/2025/10/GHSA-g6gp-xc9x-p59q/GHSA-g6gp-xc9x-p59q.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g6gp-xc9x-p59q",
-  "modified": "2025-10-20T09:30:27Z",
+  "modified": "2026-01-30T06:30:15Z",
   "published": "2025-10-20T09:30:27Z",
   "aliases": [
     "CVE-2025-31342"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://zuso.ai/advisory"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2025-15"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2026/01/GHSA-345h-g8ww-x3jg/GHSA-345h-g8ww-x3jg.json b/advisories/unreviewed/2026/01/GHSA-345h-g8ww-x3jg/GHSA-345h-g8ww-x3jg.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-345h-g8ww-x3jg",
+  "modified": "2026-01-30T06:30:15Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-24729"
+  ],
+  "details": "An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24729"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2026-02"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-434"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:33Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-3qgf-wxfj-pf5j/GHSA-3qgf-wxfj-pf5j.json b/advisories/unreviewed/2026/01/GHSA-3qgf-wxfj-pf5j/GHSA-3qgf-wxfj-pf5j.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3qgf-wxfj-pf5j",
+  "modified": "2026-01-30T06:30:15Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-24728"
+  ],
+  "details": "A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24728"
+    },
+    {
+      "type": "WEB",
+      "url": "https://zuso.ai/advisory/za-2026-01"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-306"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:33Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-5q87-jcg7-9vrx/GHSA-5q87-jcg7-9vrx.json b/advisories/unreviewed/2026/01/GHSA-5q87-jcg7-9vrx/GHSA-5q87-jcg7-9vrx.json
@@ -0,0 +1,25 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5q87-jcg7-9vrx",
+  "modified": "2026-01-30T06:30:15Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-25096"
+  ],
+  "details": "Rejected reason: Not used",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25096"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:34Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-7x8r-3fp7-rjm3/GHSA-7x8r-3fp7-rjm3.json b/advisories/unreviewed/2026/01/GHSA-7x8r-3fp7-rjm3/GHSA-7x8r-3fp7-rjm3.json
@@ -0,0 +1,25 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7x8r-3fp7-rjm3",
+  "modified": "2026-01-30T06:30:15Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-25090"
+  ],
+  "details": "Rejected reason: Not used",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25090"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:33Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-fr4w-97qg-9f45/GHSA-fr4w-97qg-9f45.json b/advisories/unreviewed/2026/01/GHSA-fr4w-97qg-9f45/GHSA-fr4w-97qg-9f45.json
@@ -0,0 +1,25 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-fr4w-97qg-9f45",
+  "modified": "2026-01-30T06:30:15Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-25093"
+  ],
+  "details": "Rejected reason: Not used",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25093"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:33Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-gcgg-59wq-55r2/GHSA-gcgg-59wq-55r2.json b/advisories/unreviewed/2026/01/GHSA-gcgg-59wq-55r2/GHSA-gcgg-59wq-55r2.json
@@ -0,0 +1,25 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-gcgg-59wq-55r2",
+  "modified": "2026-01-30T06:30:15Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-25095"
+  ],
+  "details": "Rejected reason: Not used",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25095"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:34Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-j9qc-jfwp-9x62/GHSA-j9qc-jfwp-9x62.json b/advisories/unreviewed/2026/01/GHSA-j9qc-jfwp-9x62/GHSA-j9qc-jfwp-9x62.json
@@ -0,0 +1,25 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-j9qc-jfwp-9x62",
+  "modified": "2026-01-30T06:30:16Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-25097"
+  ],
+  "details": "Rejected reason: Not used",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25097"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:34Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-jf99-74qp-89mx/GHSA-jf99-74qp-89mx.json b/advisories/unreviewed/2026/01/GHSA-jf99-74qp-89mx/GHSA-jf99-74qp-89mx.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-jf99-74qp-89mx",
+  "modified": "2026-01-30T06:30:15Z",
+  "published": "2026-01-30T06:30:15Z",
+  "aliases": [
+    "CVE-2026-24714"
+  ],
+  "details": "Some end of service NETGEAR products provide \"TelnetEnable\" functionality, which allows a magic packet to activate telnet service on the box.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24714"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/jp/JVN46722282"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.netgear.com/about/eos"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-1242"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-30T05:16:33Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-q5hf-m4v3-72f4/GHSA-q5hf-m4v3-72f4.json b/advisories/unreviewed/2026/01/GHSA-q5hf-m4v3-72f4/GHSA-q5hf-m4v3-72f4.json
diff --git a/advisories/unreviewed/2026/01/GHSA-rcw8-rm48-wjhg/GHSA-rcw8-rm48-wjhg.json b/advisories/unreviewed/2026/01/GHSA-rcw8-rm48-wjhg/GHSA-rcw8-rm48-wjhg.json
diff --git a/advisories/unreviewed/2026/01/GHSA-wqwp-c8g7-73q2/GHSA-wqwp-c8g7-73q2.json b/advisories/unreviewed/2026/01/GHSA-wqwp-c8g7-73q2/GHSA-wqwp-c8g7-73q2.json

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-7cmq-hgvr-hmwp",`
`4`		`- "modified": "2025-09-25T15:30:23Z",`
	`4`	`+ "modified": "2026-01-30T06:30:15Z",`
`5`	`5`	`"published": "2025-09-25T15:30:23Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-54943"`
`@@ -26,6 +26,10 @@`
`26`	`26`	`{`
`27`	`27`	`"type": "WEB",`
`28`	`28`	`"url": "https://zuso.ai/advisory"`
	`29`	`+ },`
	`30`	`+ {`
	`31`	`+ "type": "WEB",`
	`32`	`+ "url": "https://zuso.ai/advisory/za-2025-11"`
`29`	`33`	`}`
`30`	`34`	`],`
`31`	`35`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-mhm4-qp75-jmxw",`
`4`		`- "modified": "2025-09-25T15:30:23Z",`
	`4`	`+ "modified": "2026-01-30T06:30:15Z",`
`5`	`5`	`"published": "2025-09-25T15:30:23Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-54945"`
`@@ -26,6 +26,10 @@`
`26`	`26`	`{`
`27`	`27`	`"type": "WEB",`
`28`	`28`	`"url": "https://zuso.ai/advisory"`
	`29`	`+ },`
	`30`	`+ {`
	`31`	`+ "type": "WEB",`
	`32`	`+ "url": "https://zuso.ai/advisory/za-2025-13"`
`29`	`33`	`}`
`30`	`34`	`],`
`31`	`35`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-p4wg-48wq-x28w",`
`4`		`- "modified": "2025-09-25T15:30:23Z",`
	`4`	`+ "modified": "2026-01-30T06:30:15Z",`
`5`	`5`	`"published": "2025-09-25T15:30:23Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-54944"`
`@@ -26,6 +26,10 @@`
`26`	`26`	`{`
`27`	`27`	`"type": "WEB",`
`28`	`28`	`"url": "https://zuso.ai/advisory"`
	`29`	`+ },`
	`30`	`+ {`
	`31`	`+ "type": "WEB",`
	`32`	`+ "url": "https://zuso.ai/advisory/za-2025-12"`
`29`	`33`	`}`
`30`	`34`	`],`
`31`	`35`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-rw77-76p7-66x5",`
`4`		`- "modified": "2025-09-25T15:30:23Z",`
	`4`	`+ "modified": "2026-01-30T06:30:15Z",`
`5`	`5`	`"published": "2025-09-25T15:30:22Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-54942"`
`@@ -26,6 +26,10 @@`
`26`	`26`	`{`
`27`	`27`	`"type": "WEB",`
`28`	`28`	`"url": "https://zuso.ai/advisory"`
	`29`	`+ },`
	`30`	`+ {`
	`31`	`+ "type": "WEB",`
	`32`	`+ "url": "https://zuso.ai/advisory/za-2025-10"`
`29`	`33`	`}`
`30`	`34`	`],`
`31`	`35`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-v8qv-xx7v-pc2c",`
`4`		`- "modified": "2025-09-25T15:30:23Z",`
	`4`	`+ "modified": "2026-01-30T06:30:15Z",`
`5`	`5`	`"published": "2025-09-25T15:30:23Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-54946"`
`@@ -26,6 +26,10 @@`
`26`	`26`	`{`
`27`	`27`	`"type": "WEB",`
`28`	`28`	`"url": "https://zuso.ai/advisory"`
	`29`	`+ },`
	`30`	`+ {`
	`31`	`+ "type": "WEB",`
	`32`	`+ "url": "https://zuso.ai/advisory/za-2025-14"`
`29`	`33`	`}`
`30`	`34`	`],`
`31`	`35`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-g6gp-xc9x-p59q",`
`4`		`- "modified": "2025-10-20T09:30:27Z",`
	`4`	`+ "modified": "2026-01-30T06:30:15Z",`
`5`	`5`	`"published": "2025-10-20T09:30:27Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-31342"`
`@@ -22,6 +22,10 @@`
`22`	`22`	`{`
`23`	`23`	`"type": "WEB",`
`24`	`24`	`"url": "https://zuso.ai/advisory"`
	`25`	`+ },`
	`26`	`+ {`
	`27`	`+ "type": "WEB",`
	`28`	`+ "url": "https://zuso.ai/advisory/za-2025-15"`
`25`	`29`	`}`
`26`	`30`	`],`
`27`	`31`	`"database_specific": {`