Publish Advisories

GHSA-hm5p-x4rq-38w4
GHSA-2g22-wg49-fgv5
GHSA-3ghg-3787-w2xr
GHSA-5hvc-6wx8-mvv4
GHSA-637h-ch24-xp9m
GHSA-78p6-6878-8mj6
GHSA-9cvc-h2w8-phrp
GHSA-g268-72p7-9j6j
GHSA-gxxc-m74c-f48x
GHSA-h4rm-mm56-xf63
GHSA-jrmj-c5cx-3cw6
GHSA-p523-jq9w-64x9
GHSA-q5qq-mvfm-j35x
GHSA-vmc4-9828-r48r
GHSA-w3g8-fp6j-wvqw
GHSA-wvpq-h33f-8rp6

Author: advisory-database[bot]

advisories/github-reviewed/2025/12/GHSA-hm5p-x4rq-38w4/GHSA-hm5p-x4rq-38w4.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hm5p-x4rq-38w4",
-  "modified": "2026-01-07T21:33:21Z",
+  "modified": "2026-01-11T14:56:54Z",
   "published": "2025-12-23T19:31:10Z",
   "aliases": [
     "CVE-2025-68696"
@@ -58,6 +58,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/jnunemaker/httparty"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/httparty/CVE-2025-68696.yml"
     }
   ],
   "database_specific": {

advisories/github-reviewed/2026/01/GHSA-2g22-wg49-fgv5/GHSA-2g22-wg49-fgv5.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2g22-wg49-fgv5",
-  "modified": "2026-01-09T18:41:47Z",
+  "modified": "2026-01-11T14:55:48Z",
   "published": "2026-01-09T18:41:47Z",
   "aliases": [
     "CVE-2025-65091"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/xwiki-contrib/macro-fullcalendar/security/advisories/GHSA-2g22-wg49-fgv5"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65091"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/xwiki-contrib/macro-fullcalendar/commit/5fdcf06a05015786492fda69b4d9dea5460cc994"
@@ -59,6 +63,6 @@
     "severity": "CRITICAL",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-09T18:41:47Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T04:16:01Z"
   }
 }

advisories/github-reviewed/2026/01/GHSA-3ghg-3787-w2xr/GHSA-3ghg-3787-w2xr.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3ghg-3787-w2xr",
-  "modified": "2026-01-08T21:28:04Z",
+  "modified": "2026-01-11T14:56:25Z",
   "published": "2026-01-08T21:28:04Z",
   "aliases": [
     "CVE-2026-22589"
@@ -97,6 +97,10 @@
       "type": "WEB",
       "url": "https://github.com/spree/spree/security/advisories/GHSA-3ghg-3787-w2xr"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22589"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/spree/spree/commit/16067def6de8e0742d55313e83b0fbab6d2fd795"
@@ -113,6 +117,10 @@
       "type": "WEB",
       "url": "https://github.com/spree/spree/commit/e1cff4605eb15472904602aebaf8f2d04852d6ad"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/spree_core/CVE-2026-22589.yml"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/spree/spree"
@@ -125,6 +133,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-08T21:28:04Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T04:16:01Z"
   }
 }

advisories/github-reviewed/2026/01/GHSA-5hvc-6wx8-mvv4/GHSA-5hvc-6wx8-mvv4.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5hvc-6wx8-mvv4",
-  "modified": "2026-01-09T21:05:13Z",
+  "modified": "2026-01-11T14:55:08Z",
   "published": "2026-01-09T21:05:13Z",
   "aliases": [
     "CVE-2026-22608"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/trailofbits/fickling/security/advisories/GHSA-5hvc-6wx8-mvv4"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22608"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/trailofbits/fickling/pull/195"
@@ -62,6 +66,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/trailofbits/fickling/blob/977b0769c13537cd96549c12bb537f05464cf09c/test/test_bypasses.py#L145"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/trailofbits/fickling/releases/tag/v0.1.7"
     }
   ],
   "database_specific": {
@@ -72,6 +80,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-09T21:05:13Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T02:15:49Z"
   }
 }

advisories/github-reviewed/2026/01/GHSA-637h-ch24-xp9m/GHSA-637h-ch24-xp9m.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-637h-ch24-xp9m",
-  "modified": "2026-01-09T18:35:57Z",
+  "modified": "2026-01-11T14:55:42Z",
   "published": "2026-01-09T18:35:57Z",
   "aliases": [
     "CVE-2025-65090"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/xwiki-contrib/macro-fullcalendar/security/advisories/GHSA-637h-ch24-xp9m"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65090"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/xwiki-contrib/macro-fullcalendar/commit/25bc14c181c9a92f493b20ac264388c7ba171884"
@@ -63,6 +67,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-09T18:35:57Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T04:16:01Z"
   }
 }

advisories/github-reviewed/2026/01/GHSA-78p6-6878-8mj6/GHSA-78p6-6878-8mj6.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-78p6-6878-8mj6",
-  "modified": "2026-01-09T22:35:35Z",
+  "modified": "2026-01-11T14:56:39Z",
   "published": "2026-01-09T22:35:35Z",
   "aliases": [
     "CVE-2026-22699"
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/RustCrypto/elliptic-curves/security/advisories/GHSA-78p6-6878-8mj6"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22699"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/RustCrypto/elliptic-curves/pull/1602"
@@ -60,6 +64,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-09T22:35:35Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T06:15:52Z"
   }
 }

advisories/github-reviewed/2026/01/GHSA-9cvc-h2w8-phrp/GHSA-9cvc-h2w8-phrp.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9cvc-h2w8-phrp",
-  "modified": "2026-01-09T18:56:21Z",
+  "modified": "2026-01-11T14:56:00Z",
   "published": "2026-01-09T18:56:21Z",
   "aliases": [
     "CVE-2026-22611"
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/aws/aws-sdk-net/security/advisories/GHSA-9cvc-h2w8-phrp"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22611"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/aws/aws-sdk-net"
@@ -52,6 +56,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-09T18:56:21Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T06:15:51Z"
   }
 }

advisories/github-reviewed/2026/01/GHSA-g268-72p7-9j6j/GHSA-g268-72p7-9j6j.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g268-72p7-9j6j",
-  "modified": "2026-01-08T21:37:21Z",
+  "modified": "2026-01-11T14:57:07Z",
   "published": "2026-01-08T21:27:03Z",
   "aliases": [
     "CVE-2026-22588"
@@ -117,6 +117,10 @@
       "type": "WEB",
       "url": "https://github.com/spree/spree/commit/d3f961c442e0015661535cbd6eb22475f76d2dc7"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/spree_api/CVE-2026-22588.yml"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/spree/spree"

advisories/github-reviewed/2026/01/GHSA-gxxc-m74c-f48x/GHSA-gxxc-m74c-f48x.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gxxc-m74c-f48x",
-  "modified": "2026-01-09T18:12:58Z",
+  "modified": "2026-01-11T14:55:29Z",
   "published": "2026-01-09T18:12:58Z",
   "aliases": [
     "CVE-2025-61674"
@@ -65,6 +65,10 @@
       "type": "WEB",
       "url": "https://github.com/octobercms/october/security/advisories/GHSA-gxxc-m74c-f48x"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61674"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/octobercms/october"
@@ -77,6 +81,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-09T18:12:58Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T04:16:00Z"
   }
 }

advisories/github-reviewed/2026/01/GHSA-h4rm-mm56-xf63/GHSA-h4rm-mm56-xf63.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h4rm-mm56-xf63",
-  "modified": "2026-01-09T22:29:02Z",
+  "modified": "2026-01-11T14:55:18Z",
   "published": "2026-01-09T22:29:02Z",
   "aliases": [
     "CVE-2026-22612"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22612"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/trailofbits/fickling/pull/195"
@@ -58,6 +62,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/trailofbits/fickling/blob/977b0769c13537cd96549c12bb537f05464cf09c/test/test_bypasses.py#L349"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/trailofbits/fickling/releases/tag/v0.1.7"
     }
   ],
   "database_specific": {
@@ -67,6 +75,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-01-09T22:29:02Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-01-10T02:15:50Z"
   }
 }