Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 993c7ad2de4c · 2026-01-21T12:32:05.000Z
GHSA-m2wv-p5gg-25gq GHSA-4qpp-gxm3-h9vw GHSA-grx8-c238-5vmr GHSA-m2x7-c9gp-xc46
diff --git a/advisories/unreviewed/2025/06/GHSA-m2wv-p5gg-25gq/GHSA-m2wv-p5gg-25gq.json b/advisories/unreviewed/2025/06/GHSA-m2wv-p5gg-25gq/GHSA-m2wv-p5gg-25gq.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-m2wv-p5gg-25gq",
-  "modified": "2025-06-20T12:30:52Z",
+  "modified": "2026-01-21T12:30:30Z",
   "published": "2025-06-20T12:30:52Z",
   "aliases": [
     "CVE-2025-5255"
@@ -23,6 +23,10 @@
       "type": "WEB",
       "url": "https://github.com/phcode-dev/phoenix-desktop/pull/623/commits/0c75fb57f89d0b7d9b180026bc2624b7dcf807da"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/phcode-dev/phoenix-desktop/commit/ab5d5ffd04fbbab770c1ef6250cd0ec5323289c2"
+    },
     {
       "type": "WEB",
       "url": "https://cert.pl/en/posts/2025/06/tcc-bypass"
diff --git a/advisories/unreviewed/2025/12/GHSA-4qpp-gxm3-h9vw/GHSA-4qpp-gxm3-h9vw.json b/advisories/unreviewed/2025/12/GHSA-4qpp-gxm3-h9vw/GHSA-4qpp-gxm3-h9vw.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4qpp-gxm3-h9vw",
-  "modified": "2026-01-21T06:31:19Z",
+  "modified": "2026-01-21T12:30:30Z",
   "published": "2025-12-11T15:30:32Z",
   "aliases": [
     "CVE-2025-14523"
@@ -55,6 +55,18 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:0907"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:0908"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:0909"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:0911"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-14523"
diff --git a/advisories/unreviewed/2026/01/GHSA-grx8-c238-5vmr/GHSA-grx8-c238-5vmr.json b/advisories/unreviewed/2026/01/GHSA-grx8-c238-5vmr/GHSA-grx8-c238-5vmr.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-grx8-c238-5vmr",
+  "modified": "2026-01-21T12:30:30Z",
+  "published": "2026-01-21T12:30:30Z",
+  "aliases": [
+    "CVE-2026-0663"
+  ],
+  "details": "Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0663"
+    },
+    {
+      "type": "WEB",
+      "url": "https://product.m-files.com/security-advisories/cve-2026-0663"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-1286"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-21T11:15:50Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-m2x7-c9gp-xc46/GHSA-m2x7-c9gp-xc46.json b/advisories/unreviewed/2026/01/GHSA-m2x7-c9gp-xc46/GHSA-m2x7-c9gp-xc46.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-m2x7-c9gp-xc46",
+  "modified": "2026-01-21T12:30:30Z",
+  "published": "2026-01-21T12:30:30Z",
+  "aliases": [
+    "CVE-2026-0988"
+  ],
+  "details": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0988"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/security/cve/CVE-2026-0988"
+    },
+    {
+      "type": "WEB",
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429886"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-190"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-21T12:15:55Z"
+  }
+}
