Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 5ef496092049 · 2026-01-15T22:34:50.000Z
GHSA-2gqc-6j2q-83qp GHSA-4jrw-64vr-7g8m GHSA-54v4-4685-vwrj GHSA-6738-r8g5-qwp3 GHSA-gjqq-6r35-w3r8 GHSA-j2f3-wq62-6q46 GHSA-j62c-4x62-9r35 GHSA-mp2g-9vg9-f4cg GHSA-pvm5-9frx-264r GHSA-vw5p-8cq8-m7mv
diff --git a/advisories/github-reviewed/2026/01/GHSA-2gqc-6j2q-83qp/GHSA-2gqc-6j2q-83qp.json b/advisories/github-reviewed/2026/01/GHSA-2gqc-6j2q-83qp/GHSA-2gqc-6j2q-83qp.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2gqc-6j2q-83qp",
-  "modified": "2026-01-15T20:17:32Z",
+  "modified": "2026-01-15T22:34:28Z",
   "published": "2026-01-15T18:17:15Z",
   "aliases": [
     "CVE-2026-23519"
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/RustCrypto/utils/security/advisories/GHSA-2gqc-6j2q-83qp"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23519"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/RustCrypto/utils/commit/55977257e7c82a309d5e8abfdd380a774f0f9778"
@@ -60,6 +64,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T18:17:15Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T20:16:05Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-4jrw-64vr-7g8m/GHSA-4jrw-64vr-7g8m.json b/advisories/github-reviewed/2026/01/GHSA-4jrw-64vr-7g8m/GHSA-4jrw-64vr-7g8m.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4jrw-64vr-7g8m",
-  "modified": "2026-01-14T21:17:27Z",
+  "modified": "2026-01-15T22:33:18Z",
   "published": "2026-01-14T12:31:38Z",
   "aliases": [
     "CVE-2025-66169"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
     }
   ],
   "affected": [
@@ -122,6 +122,7 @@
   "database_specific": {
     "cwe_ids": [
       "CWE-74",
+      "CWE-89",
       "CWE-943"
     ],
     "severity": "MODERATE",
diff --git a/advisories/github-reviewed/2026/01/GHSA-54v4-4685-vwrj/GHSA-54v4-4685-vwrj.json b/advisories/github-reviewed/2026/01/GHSA-54v4-4685-vwrj/GHSA-54v4-4685-vwrj.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-54v4-4685-vwrj",
-  "modified": "2026-01-15T20:11:23Z",
+  "modified": "2026-01-15T22:34:15Z",
   "published": "2026-01-15T20:11:23Z",
   "aliases": [
     "CVE-2026-23622"
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/alextselegidis/easyappointments/security/advisories/GHSA-54v4-4685-vwrj"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23622"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/alextselegidis/easyappointments"
@@ -56,6 +60,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T20:11:23Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T20:16:05Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-6738-r8g5-qwp3/GHSA-6738-r8g5-qwp3.json b/advisories/github-reviewed/2026/01/GHSA-6738-r8g5-qwp3/GHSA-6738-r8g5-qwp3.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6738-r8g5-qwp3",
-  "modified": "2026-01-15T20:13:33Z",
+  "modified": "2026-01-15T22:34:22Z",
   "published": "2026-01-15T20:13:33Z",
   "aliases": [
     "CVE-2025-15265"
@@ -43,10 +43,18 @@
       "type": "WEB",
       "url": "https://github.com/sveltejs/svelte/security/advisories/GHSA-6738-r8g5-qwp3"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15265"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/sveltejs/svelte/commit/ef81048e238844b729942441541d6dcfe6c8ccca"
     },
+    {
+      "type": "WEB",
+      "url": "https://fluidattacks.com/advisories/lydian"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/sveltejs/svelte"
@@ -63,6 +71,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T20:13:33Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T20:16:03Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-gjqq-6r35-w3r8/GHSA-gjqq-6r35-w3r8.json b/advisories/github-reviewed/2026/01/GHSA-gjqq-6r35-w3r8/GHSA-gjqq-6r35-w3r8.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gjqq-6r35-w3r8",
-  "modified": "2026-01-15T20:10:11Z",
+  "modified": "2026-01-15T22:33:55Z",
   "published": "2026-01-15T20:10:11Z",
   "aliases": [
     "CVE-2026-23520"
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/getarcaneapp/arcane/security/advisories/GHSA-gjqq-6r35-w3r8"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23520"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/getarcaneapp/arcane/pull/1468"
@@ -51,6 +55,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/getarcaneapp/arcane"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/getarcaneapp/arcane/releases/tag/v1.13.0"
     }
   ],
   "database_specific": {
@@ -60,6 +68,6 @@
     "severity": "CRITICAL",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T20:10:11Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T20:16:05Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-j2f3-wq62-6q46/GHSA-j2f3-wq62-6q46.json b/advisories/github-reviewed/2026/01/GHSA-j2f3-wq62-6q46/GHSA-j2f3-wq62-6q46.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j2f3-wq62-6q46",
-  "modified": "2026-01-15T18:10:52Z",
+  "modified": "2026-01-15T22:33:44Z",
   "published": "2026-01-15T18:10:52Z",
   "aliases": [
     "CVE-2026-22803"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/sveltejs/kit/security/advisories/GHSA-j2f3-wq62-6q46"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22803"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/sveltejs/kit/commit/8ed8155215b9a74012fecffb942ad9a793b274e5"
@@ -54,6 +58,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/sveltejs/kit/releases/tag/%40sveltejs%2Fkit%402.49.5"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/sveltejs/kit/releases/tag/@sveltejs%2Fadapter-node@5.5.1"
     }
   ],
   "database_specific": {
@@ -63,6 +71,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T18:10:52Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T19:16:06Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-j62c-4x62-9r35/GHSA-j62c-4x62-9r35.json b/advisories/github-reviewed/2026/01/GHSA-j62c-4x62-9r35/GHSA-j62c-4x62-9r35.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j62c-4x62-9r35",
-  "modified": "2026-01-15T18:09:59Z",
+  "modified": "2026-01-15T22:33:31Z",
   "published": "2026-01-15T18:09:59Z",
   "aliases": [
     "CVE-2025-67647"
@@ -65,6 +65,10 @@
       "type": "WEB",
       "url": "https://github.com/sveltejs/kit/security/advisories/GHSA-j62c-4x62-9r35"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67647"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/sveltejs/kit/commit/d9ae9b00b14f5574d109f3fd548f960594346226"
@@ -84,12 +88,13 @@
   ],
   "database_specific": {
     "cwe_ids": [
+      "CWE-248",
       "CWE-400",
       "CWE-918"
     ],
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T18:09:59Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T19:16:03Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-mp2g-9vg9-f4cg/GHSA-mp2g-9vg9-f4cg.json b/advisories/github-reviewed/2026/01/GHSA-mp2g-9vg9-f4cg/GHSA-mp2g-9vg9-f4cg.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mp2g-9vg9-f4cg",
-  "modified": "2026-01-15T20:10:51Z",
+  "modified": "2026-01-15T22:34:08Z",
   "published": "2026-01-15T20:10:51Z",
   "aliases": [
     "CVE-2026-23527"
@@ -43,6 +43,14 @@
       "type": "WEB",
       "url": "https://github.com/h3js/h3/security/advisories/GHSA-mp2g-9vg9-f4cg"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23527"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/h3js/h3/commit/618ccf4f37b8b6148bea7f36040471af45bfb097"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/h3js/h3"
@@ -59,6 +67,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T20:10:51Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T20:16:05Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-pvm5-9frx-264r/GHSA-pvm5-9frx-264r.json b/advisories/github-reviewed/2026/01/GHSA-pvm5-9frx-264r/GHSA-pvm5-9frx-264r.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pvm5-9frx-264r",
-  "modified": "2026-01-15T18:17:06Z",
+  "modified": "2026-01-15T22:33:49Z",
   "published": "2026-01-15T18:17:06Z",
   "aliases": [
     "CVE-2026-23511"
@@ -65,6 +65,10 @@
       "type": "WEB",
       "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-pvm5-9frx-264r"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23511"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/zitadel/zitadel/commit/0bb00dd9fc4e5e965f8e14fa2161a5076f3c308d"
@@ -73,6 +77,10 @@
       "type": "WEB",
       "url": "https://github.com/zitadel/zitadel/commit/b85ab69e4679b0268e2b0e9b4cd04e934af10dd2"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/zitadel/zitadel/commit/c300d4cc6a2775ab17ddfe76492f24170f8b858d"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/zitadel/zitadel"
@@ -88,11 +96,12 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-203"
+      "CWE-203",
+      "CWE-204"
     ],
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T18:17:06Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T20:16:05Z"
   }
 }
diff --git a/advisories/github-reviewed/2026/01/GHSA-vw5p-8cq8-m7mv/GHSA-vw5p-8cq8-m7mv.json b/advisories/github-reviewed/2026/01/GHSA-vw5p-8cq8-m7mv/GHSA-vw5p-8cq8-m7mv.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vw5p-8cq8-m7mv",
-  "modified": "2026-01-15T18:10:15Z",
+  "modified": "2026-01-15T22:33:39Z",
   "published": "2026-01-15T18:10:15Z",
   "aliases": [
     "CVE-2026-22774"
@@ -43,13 +43,25 @@
       "type": "WEB",
       "url": "https://github.com/sveltejs/devalue/security/advisories/GHSA-vw5p-8cq8-m7mv"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22774"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/sveltejs/devalue/commit/11755849fa0634ae294a15ec0aef2f43efcad7c4"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/sveltejs/devalue/commit/e46afa64dd2b25aa35fb905ba5d20cea63aabbf7"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/sveltejs/devalue"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/sveltejs/devalue/releases/tag/v5.6.2"
     }
   ],
   "database_specific": {
@@ -60,6 +72,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-15T18:10:15Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-15T19:16:05Z"
   }
 }
