Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit afc3d3d97894 · 2026-01-26T15:33:02.000Z
GHSA-h9qm-fpq8-rqxr GHSA-896v-mq35-7wx7 GHSA-xgcx-934j-84hv GHSA-72hc-p753-5jcm GHSA-37g4-vx3r-j5q5 GHSA-399h-rrqc-rpgv GHSA-hfqx-732w-xrrw GHSA-39h2-3mq3-959g GHSA-6rv6-r2f2-gqrc GHSA-77p9-w6pj-rmvg GHSA-95f8-w9vw-wv9p GHSA-9mpm-5gw8-6p88 GHSA-chwh-jpcw-c4x6 GHSA-hrp9-p693-x2cg GHSA-jh94-8q48-f3m3 GHSA-x85f-j5v8-5vrv
diff --git a/advisories/unreviewed/2022/03/GHSA-h9qm-fpq8-rqxr/GHSA-h9qm-fpq8-rqxr.json b/advisories/unreviewed/2022/03/GHSA-h9qm-fpq8-rqxr/GHSA-h9qm-fpq8-rqxr.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h9qm-fpq8-rqxr",
-  "modified": "2022-03-31T00:00:33Z",
+  "modified": "2026-01-26T15:30:28Z",
   "published": "2022-03-26T00:00:28Z",
   "aliases": [
     "CVE-2022-26573"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/magicblack/maccms10/issues/840"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/magicblack/maccms10/commit/026a2893d7de4ba4987b670b292ba569f3b8d296#diff-498970d2c74a54ff851bf844ce006053b7bb7042b19711a81966554f62aff753L41-R47"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2024/08/GHSA-896v-mq35-7wx7/GHSA-896v-mq35-7wx7.json b/advisories/unreviewed/2024/08/GHSA-896v-mq35-7wx7/GHSA-896v-mq35-7wx7.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-896v-mq35-7wx7",
-  "modified": "2025-10-31T00:30:30Z",
+  "modified": "2026-01-26T15:30:29Z",
   "published": "2024-08-26T15:31:15Z",
   "aliases": [
     "CVE-2024-39097"
@@ -27,6 +27,10 @@
       "type": "WEB",
       "url": "https://github.com/gnuboard/g6/issues/582"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/gnuboard/g6/commit/eb52096f8328a891879066400f4599d1153d8bf2"
+    },
     {
       "type": "WEB",
       "url": "https://gist.github.com/Letm3through/1c7a422aa93b587fe63254e06b7f2977"
diff --git a/advisories/unreviewed/2024/08/GHSA-xgcx-934j-84hv/GHSA-xgcx-934j-84hv.json b/advisories/unreviewed/2024/08/GHSA-xgcx-934j-84hv/GHSA-xgcx-934j-84hv.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xgcx-934j-84hv",
-  "modified": "2024-08-30T00:31:23Z",
+  "modified": "2026-01-26T15:30:29Z",
   "published": "2024-08-29T21:31:03Z",
   "aliases": [
     "CVE-2024-41345"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/jpatokal/openflights/issues/1480"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/jpatokal/openflights/commit/36733f430b11a78404457a5dfc295ab1182292c0"
     }
   ],
   "database_specific": {
diff --git a/advisories/unreviewed/2025/01/GHSA-72hc-p753-5jcm/GHSA-72hc-p753-5jcm.json b/advisories/unreviewed/2025/01/GHSA-72hc-p753-5jcm/GHSA-72hc-p753-5jcm.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-72hc-p753-5jcm",
-  "modified": "2025-02-05T18:34:40Z",
+  "modified": "2026-01-26T15:30:29Z",
   "published": "2025-01-24T21:31:28Z",
   "aliases": [
     "CVE-2024-57277"
@@ -23,6 +23,10 @@
       "type": "WEB",
       "url": "https://github.com/innocommerce/innoshop/issues/115"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/innocommerce/innoshop/commit/7ccc90d2b549e14460efc4f758b01adbd080e7ff"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Innocommerce/Findings.md"
diff --git a/advisories/unreviewed/2025/11/GHSA-37g4-vx3r-j5q5/GHSA-37g4-vx3r-j5q5.json b/advisories/unreviewed/2025/11/GHSA-37g4-vx3r-j5q5/GHSA-37g4-vx3r-j5q5.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-37g4-vx3r-j5q5",
-  "modified": "2025-11-21T09:30:27Z",
+  "modified": "2026-01-26T15:30:30Z",
   "published": "2025-11-21T09:30:27Z",
   "aliases": [
     "CVE-2025-12746"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12746"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/tainacan/tainacan/commit/8468fb4ec76c709d5ae2852d1fc64986b1dc73cf"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/tainacan/tainacan/blob/2491612ee9d5b14baa70862ba2308ee925de0938/src/classes/theme-helper/template-tags.php#L1652"
diff --git a/advisories/unreviewed/2025/12/GHSA-399h-rrqc-rpgv/GHSA-399h-rrqc-rpgv.json b/advisories/unreviewed/2025/12/GHSA-399h-rrqc-rpgv/GHSA-399h-rrqc-rpgv.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-399h-rrqc-rpgv",
-  "modified": "2025-12-30T15:30:25Z",
+  "modified": "2026-01-26T15:30:30Z",
   "published": "2025-12-01T18:30:38Z",
   "aliases": [
     "CVE-2025-13836"
@@ -47,6 +47,14 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c"
+    },
     {
       "type": "WEB",
       "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO"
diff --git a/advisories/unreviewed/2025/12/GHSA-hfqx-732w-xrrw/GHSA-hfqx-732w-xrrw.json b/advisories/unreviewed/2025/12/GHSA-hfqx-732w-xrrw/GHSA-hfqx-732w-xrrw.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hfqx-732w-xrrw",
-  "modified": "2026-01-14T21:34:04Z",
+  "modified": "2026-01-26T15:30:31Z",
   "published": "2025-12-03T21:31:04Z",
   "aliases": [
     "CVE-2025-12084"
@@ -59,10 +59,18 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/9c9dda6625a2a90d2a06c657eee021d6be19842d"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/a46c10ec9d4050ab67b8a932e0859a2ea60c3cb8"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/a696ba8b4d42fd632afc9bc88ad830a2e4cceed8"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/c97e87593063d84a2bd9fe7068b30eb44de23dc0"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/ddcd2acd85d891a53e281c773b3093f9db953964"
diff --git a/advisories/unreviewed/2026/01/GHSA-39h2-3mq3-959g/GHSA-39h2-3mq3-959g.json b/advisories/unreviewed/2026/01/GHSA-39h2-3mq3-959g/GHSA-39h2-3mq3-959g.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-39h2-3mq3-959g",
-  "modified": "2026-01-21T00:31:42Z",
+  "modified": "2026-01-26T15:30:49Z",
   "published": "2026-01-21T00:31:42Z",
   "aliases": [
     "CVE-2025-11468"
@@ -31,6 +31,18 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796"
+    },
     {
       "type": "WEB",
       "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI"
diff --git a/advisories/unreviewed/2026/01/GHSA-6rv6-r2f2-gqrc/GHSA-6rv6-r2f2-gqrc.json b/advisories/unreviewed/2026/01/GHSA-6rv6-r2f2-gqrc/GHSA-6rv6-r2f2-gqrc.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6rv6-r2f2-gqrc",
-  "modified": "2026-01-23T18:31:28Z",
+  "modified": "2026-01-26T15:30:49Z",
   "published": "2026-01-21T00:31:42Z",
   "aliases": [
     "CVE-2025-15282"
@@ -31,6 +31,22 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f"
diff --git a/advisories/unreviewed/2026/01/GHSA-77p9-w6pj-rmvg/GHSA-77p9-w6pj-rmvg.json b/advisories/unreviewed/2026/01/GHSA-77p9-w6pj-rmvg/GHSA-77p9-w6pj-rmvg.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-77p9-w6pj-rmvg",
-  "modified": "2026-01-26T12:30:29Z",
+  "modified": "2026-01-26T15:31:25Z",
   "published": "2026-01-26T12:30:29Z",
   "aliases": [
     "CVE-2016-15057"
   ],
   "details": "** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Continuum.\n\nThis issue affects Apache Continuum: all versions.\n\nAttackers with access to the installations REST API can use this to invoke arbitrary commands on the server.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -23,7 +28,7 @@
     "cwe_ids": [
       "CWE-77"
     ],
-    "severity": null,
+    "severity": "CRITICAL",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-01-26T12:15:46Z"
diff --git a/advisories/unreviewed/2026/01/GHSA-95f8-w9vw-wv9p/GHSA-95f8-w9vw-wv9p.json b/advisories/unreviewed/2026/01/GHSA-95f8-w9vw-wv9p/GHSA-95f8-w9vw-wv9p.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-95f8-w9vw-wv9p",
+  "modified": "2026-01-26T15:31:25Z",
+  "published": "2026-01-26T15:31:25Z",
+  "aliases": [
+    "CVE-2026-1283"
+  ],
+  "details": "A Heap-based Buffer Overflow vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS 2025 through Release SOLIDWORKS 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1283"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.3ds.com/trust-center/security/security-advisories/cve-2026-1283"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-122"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-26T14:15:56Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-9mpm-5gw8-6p88/GHSA-9mpm-5gw8-6p88.json b/advisories/unreviewed/2026/01/GHSA-9mpm-5gw8-6p88/GHSA-9mpm-5gw8-6p88.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9mpm-5gw8-6p88",
-  "modified": "2026-01-26T09:30:17Z",
+  "modified": "2026-01-26T15:31:24Z",
   "published": "2026-01-26T09:30:17Z",
   "aliases": [
     "CVE-2025-14316"
   ],
   "details": "The AhaChat Messenger Marketing WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -21,7 +26,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-01-26T07:16:06Z"
diff --git a/advisories/unreviewed/2026/01/GHSA-chwh-jpcw-c4x6/GHSA-chwh-jpcw-c4x6.json b/advisories/unreviewed/2026/01/GHSA-chwh-jpcw-c4x6/GHSA-chwh-jpcw-c4x6.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-chwh-jpcw-c4x6",
+  "modified": "2026-01-26T15:31:25Z",
+  "published": "2026-01-26T15:31:25Z",
+  "aliases": [
+    "CVE-2026-1284"
+  ],
+  "details": "An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS 2025 through Release SOLIDWORKS 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1284"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.3ds.com/trust-center/security/security-advisories/cve-2026-1284"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-787"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-26T14:15:57Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-hrp9-p693-x2cg/GHSA-hrp9-p693-x2cg.json b/advisories/unreviewed/2026/01/GHSA-hrp9-p693-x2cg/GHSA-hrp9-p693-x2cg.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hrp9-p693-x2cg",
-  "modified": "2026-01-26T09:30:17Z",
+  "modified": "2026-01-26T15:31:24Z",
   "published": "2026-01-26T09:30:17Z",
   "aliases": [
     "CVE-2025-14973"
   ],
   "details": "The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -20,8 +25,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-01-26T07:16:06Z"
diff --git a/advisories/unreviewed/2026/01/GHSA-jh94-8q48-f3m3/GHSA-jh94-8q48-f3m3.json b/advisories/unreviewed/2026/01/GHSA-jh94-8q48-f3m3/GHSA-jh94-8q48-f3m3.json
diff --git a/advisories/unreviewed/2026/01/GHSA-x85f-j5v8-5vrv/GHSA-x85f-j5v8-5vrv.json b/advisories/unreviewed/2026/01/GHSA-x85f-j5v8-5vrv/GHSA-x85f-j5v8-5vrv.json

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-h9qm-fpq8-rqxr",`
`4`		`- "modified": "2022-03-31T00:00:33Z",`
	`4`	`+ "modified": "2026-01-26T15:30:28Z",`
`5`	`5`	`"published": "2022-03-26T00:00:28Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2022-26573"`
`@@ -22,6 +22,10 @@`
`22`	`22`	`{`
`23`	`23`	`"type": "WEB",`
`24`	`24`	`"url": "https://github.com/magicblack/maccms10/issues/840"`
	`25`	`+ },`
	`26`	`+ {`
	`27`	`+ "type": "WEB",`
	`28`	`+ "url": "https://github.com/magicblack/maccms10/commit/026a2893d7de4ba4987b670b292ba569f3b8d296#diff-498970d2c74a54ff851bf844ce006053b7bb7042b19711a81966554f62aff753L41-R47"`
`25`	`29`	`}`
`26`	`30`	`],`
`27`	`31`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-xgcx-934j-84hv",`
`4`		`- "modified": "2024-08-30T00:31:23Z",`
	`4`	`+ "modified": "2026-01-26T15:30:29Z",`
`5`	`5`	`"published": "2024-08-29T21:31:03Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2024-41345"`
`@@ -22,6 +22,10 @@`
`22`	`22`	`{`
`23`	`23`	`"type": "WEB",`
`24`	`24`	`"url": "https://github.com/jpatokal/openflights/issues/1480"`
	`25`	`+ },`
	`26`	`+ {`
	`27`	`+ "type": "WEB",`
	`28`	`+ "url": "https://github.com/jpatokal/openflights/commit/36733f430b11a78404457a5dfc295ab1182292c0"`
`25`	`29`	`}`
`26`	`30`	`],`
`27`	`31`	`"database_specific": {`