Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2023/04/GHSA-2c69-r2jh-xjvm/GHSA-2c69-r2jh-xjvm.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2c69-r2jh-xjvm",
-  "modified": "2023-04-20T18:30:50Z",
+  "modified": "2026-04-20T21:31:37Z",
   "published": "2023-04-20T18:30:50Z",
   "aliases": [
     "CVE-2023-27351"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27351"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-27351"
+    },
     {
       "type": "WEB",
       "url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"

advisories/unreviewed/2024/03/GHSA-m7gg-q7qj-3r2r/GHSA-m7gg-q7qj-3r2r.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-m7gg-q7qj-3r2r",
-  "modified": "2025-05-30T18:30:51Z",
+  "modified": "2026-04-20T21:31:37Z",
   "published": "2024-03-04T18:30:39Z",
   "aliases": [
     "CVE-2024-27199"
@@ -23,6 +23,10 @@
       "type": "WEB",
       "url": "https://github.com/Stuub/RCity-CVE-2024-27198/blob/main/RCity.py"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-27199"
+    },
     {
       "type": "WEB",
       "url": "https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive"

advisories/unreviewed/2025/03/GHSA-g53h-cfhr-24hw/GHSA-g53h-cfhr-24hw.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g53h-cfhr-24hw",
-  "modified": "2025-11-05T00:31:17Z",
+  "modified": "2026-04-20T21:31:38Z",
   "published": "2025-03-24T21:30:33Z",
   "aliases": [
     "CVE-2025-2749"
@@ -27,6 +27,10 @@
       "type": "WEB",
       "url": "https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2749"
+    },
     {
       "type": "WEB",
       "url": "https://www.vulncheck.com/advisories/kentico-xperience-staging-media-file-upload-authenticated-rce"

advisories/unreviewed/2025/06/GHSA-hrwx-88rh-95q7/GHSA-hrwx-88rh-95q7.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hrwx-88rh-95q7",
-  "modified": "2025-11-03T21:34:05Z",
+  "modified": "2026-04-20T21:31:38Z",
   "published": "2025-06-26T21:31:08Z",
   "aliases": [
     "CVE-2025-32975"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32975"
+    },
     {
       "type": "WEB",
       "url": "http://seclists.org/fulldisclosure/2025/Jun/25"

advisories/unreviewed/2025/06/GHSA-wmq6-ffv7-gqwf/GHSA-wmq6-ffv7-gqwf.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-wmq6-ffv7-gqwf",
-  "modified": "2025-07-11T15:31:34Z",
+  "modified": "2026-04-20T21:31:38Z",
   "published": "2025-06-23T15:31:42Z",
   "aliases": [
     "CVE-2025-48700"
@@ -30,6 +30,10 @@
     {
       "type": "WEB",
       "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-48700"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/02/GHSA-9qpv-49q8-9chx/GHSA-9qpv-49q8-9chx.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9qpv-49q8-9chx",
-  "modified": "2026-02-25T18:31:38Z",
+  "modified": "2026-04-20T21:31:38Z",
   "published": "2026-02-25T18:31:38Z",
   "aliases": [
     "CVE-2026-20122"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20122"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/02/GHSA-cf88-f64q-c626/GHSA-cf88-f64q-c626.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cf88-f64q-c626",
-  "modified": "2026-02-25T18:31:38Z",
+  "modified": "2026-04-20T21:31:38Z",
   "published": "2026-02-25T18:31:38Z",
   "aliases": [
     "CVE-2026-20133"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/02/GHSA-mp6j-7g85-8pg2/GHSA-mp6j-7g85-8pg2.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mp6j-7g85-8pg2",
-  "modified": "2026-02-25T18:31:38Z",
+  "modified": "2026-04-20T21:31:38Z",
   "published": "2026-02-25T18:31:38Z",
   "aliases": [
     "CVE-2026-20128"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20128"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/04/GHSA-2vgw-r373-m9qx/GHSA-2vgw-r373-m9qx.json

@@ -0,0 +1,37 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2vgw-r373-m9qx",
+  "modified": "2026-04-20T21:31:46Z",
+  "published": "2026-04-20T21:31:46Z",
+  "aliases": [
+    "CVE-2026-29648"
+  ],
+  "details": "In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation controls in virtualized or multi-privilege environments.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29648"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/OpenXiangShan/NEMU/issues/690"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/OpenXiangShan/XiangShan/pull/3978"
+    },
+    {
+      "type": "WEB",
+      "url": "https://docs.riscv.org/reference/isa/priv/smstateen.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-20T21:16:19Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-4cgq-vq3r-c9r4/GHSA-4cgq-vq3r-c9r4.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4cgq-vq3r-c9r4",
-  "modified": "2026-04-20T18:31:49Z",
+  "modified": "2026-04-20T21:31:43Z",
   "published": "2026-04-20T18:31:49Z",
   "aliases": [
     "CVE-2026-30269"
   ],
   "details": "Improper access control in Doorman v0.1.0 and v1.0.2 allows any authenticated user to update their own account role to a non-admin privileged role via /platform/user/{username}. The `role` field is accepted by the update model without a manage_users permission check for self-updates, enabling privilege escalation to high-privileged roles.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-269"
+    ],
+    "severity": "CRITICAL",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-04-20T17:16:33Z"