Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2024/02/GHSA-rpw7-c5cp-v8vp/GHSA-rpw7-c5cp-v8vp.json

@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-rpw7-c5cp-v8vp",
-  "modified": "2024-02-07T03:30:33Z",
+  "modified": "2026-04-20T18:31:41Z",
   "published": "2024-02-07T03:30:33Z",
   "aliases": [
     "CVE-2024-0849"
   ],
-  "details": "Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible\n\nbecause the application is vulnerable to LFR.\n\n\n\n\n",
+  "details": "Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible\n\nbecause the application is vulnerable to LFR.",
   "severity": [
     {
       "type": "CVSS_V3",

advisories/unreviewed/2025/01/GHSA-3fcc-qfqw-wqr5/GHSA-3fcc-qfqw-wqr5.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3fcc-qfqw-wqr5",
-  "modified": "2025-09-16T18:31:19Z",
+  "modified": "2026-04-20T18:31:42Z",
   "published": "2025-01-15T09:30:50Z",
   "aliases": [
     "CVE-2024-7322"
@@ -26,7 +26,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-346"
+      "CWE-346",
+      "CWE-940"
     ],
     "severity": "MODERATE",
     "github_reviewed": false,

advisories/unreviewed/2025/11/GHSA-r6gx-fcg6-8hhj/GHSA-r6gx-fcg6-8hhj.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r6gx-fcg6-8hhj",
-  "modified": "2025-12-22T09:31:24Z",
+  "modified": "2026-04-20T18:31:42Z",
   "published": "2025-11-25T09:31:24Z",
   "aliases": [
     "CVE-2025-13502"
@@ -67,6 +67,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-13502"
     },
+    {
+      "type": "WEB",
+      "url": "https://bugs.webkit.org/show_bug.cgi?id=302218"
+    },
     {
       "type": "WEB",
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416300"

advisories/unreviewed/2026/02/GHSA-5rc9-qhhx-3j46/GHSA-5rc9-qhhx-3j46.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5rc9-qhhx-3j46",
-  "modified": "2026-04-14T15:30:28Z",
+  "modified": "2026-04-20T18:31:42Z",
   "published": "2026-02-03T00:30:18Z",
   "aliases": [
     "CVE-2026-0924"

advisories/unreviewed/2026/04/GHSA-27jw-fcpv-p46x/GHSA-27jw-fcpv-p46x.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-27jw-fcpv-p46x",
+  "modified": "2026-04-20T18:31:50Z",
+  "published": "2026-04-20T18:31:49Z",
+  "aliases": [
+    "CVE-2026-23757"
+  ],
+  "details": "GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title parameter is passed directly to SWIFT_Report::Create() without HTML sanitization. Attackers can inject arbitrary JavaScript into the report title field when creating or editing a report, and the payload executes when staff members view and click the affected report link in the Manage Reports interface.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23757"
+    },
+    {
+      "type": "WEB",
+      "url": "https://gfi.ai/products-and-solutions/email-and-messaging-solutions/helpdesk/resources/product-releases"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/gfi-helpdesk-stored-xss-via-reports-module"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-20T18:16:24Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-28jg-cgg7-j4wc/GHSA-28jg-cgg7-j4wc.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-28jg-cgg7-j4wc",
-  "modified": "2026-04-20T15:31:52Z",
+  "modified": "2026-04-20T18:31:46Z",
   "published": "2026-04-20T15:31:52Z",
   "aliases": [
     "CVE-2026-33557"
   ],
   "details": "A possible security vulnerability has been identified in Apache Kafka.\n\nBy default, the broker property `sasl.oauthbearer.jwt.validator.class` is set to `org.apache.kafka.common.security.oauthbearer.DefaultJwtValidator`. It accepts any JWT token without validating its signature, issuer, or audience. An attacker can generate a JWT token from any issuer with the `preferred_username` set to any user, and the broker will accept it.\n\nWe advise the Kafka users using kafka v4.1.0 or v4.1.1 to set the config `sasl.oauthbearer.jwt.validator.class` to `org.apache.kafka.common.security.oauthbearer.BrokerJwtValidator` explicitly to avoid this vulnerability. Since Kafka v4.1.2 and v4.2.0 and later, the issue is fixed and will correctly validate the JWT token.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -31,7 +36,7 @@
     "cwe_ids": [
       "CWE-1285"
     ],
-    "severity": null,
+    "severity": "CRITICAL",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-04-20T14:16:18Z"

advisories/unreviewed/2026/04/GHSA-2mm2-ghgp-p33q/GHSA-2mm2-ghgp-p33q.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2mm2-ghgp-p33q",
+  "modified": "2026-04-20T18:31:50Z",
+  "published": "2026-04-20T18:31:50Z",
+  "aliases": [
+    "CVE-2026-39111"
+  ],
+  "details": "SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39111"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/efekaanakkar/Apartment-Visitors-Management-System-CVEs"
+    },
+    {
+      "type": "WEB",
+      "url": "https://phpgurukul.com/?sdm_process_download=1&download_id=21524"
+    },
+    {
+      "type": "WEB",
+      "url": "https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-20T18:16:27Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-2wm4-697g-pfq8/GHSA-2wm4-697g-pfq8.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2wm4-697g-pfq8",
-  "modified": "2026-04-20T15:31:52Z",
+  "modified": "2026-04-20T18:31:47Z",
   "published": "2026-04-20T15:31:52Z",
   "aliases": [
     "CVE-2026-5760"
   ],
   "details": "SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -17,11 +22,17 @@
     {
       "type": "WEB",
       "url": "https://github.com/Stuub/SGLang-0.5.9-RCE"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.kb.cert.org/vuls/id/915947"
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-94"
+    ],
+    "severity": "CRITICAL",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-04-20T14:16:21Z"

advisories/unreviewed/2026/04/GHSA-3gjh-jvm6-6pfg/GHSA-3gjh-jvm6-6pfg.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3gjh-jvm6-6pfg",
+  "modified": "2026-04-20T18:31:49Z",
+  "published": "2026-04-20T18:31:48Z",
+  "aliases": [
+    "CVE-2025-66954"
+  ],
+  "details": "A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles. The issue is triggered by modifying a parameter within requests sent to the /nasapi endpoint.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66954"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/DBmonster19/CVE-2025-66954"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-639"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-20T17:16:29Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-49mg-4v6p-32w2/GHSA-49mg-4v6p-32w2.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-49mg-4v6p-32w2",
+  "modified": "2026-04-20T18:31:48Z",
+  "published": "2026-04-20T18:31:48Z",
+  "aliases": [
+    "CVE-2026-34429"
+  ],
+  "details": "Vvveb prior to 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media upload and rename permissions to execute arbitrary JavaScript by bypassing MIME type validation and renaming uploaded files to executable extensions. Attackers can prepend a GIF89a header to HTML/JavaScript payloads to bypass upload validation, rename the file to .html extension, and execute malicious scripts in an administrator's browser session to create backdoor accounts and upload malicious plugins for remote code execution.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34429"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/givanz/Vvveb/commit/cc997d3359ea5e49a45c132f5dee3bc80fb441d7"
+    },
+    {
+      "type": "WEB",
+      "url": "https://delta.cyberm.ca/bugbin/ur66bvB7BYTC9y0eCIk3uzhZQgbjzAkG"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/givanz/Vvveb/releases/tag/1.0.8.1"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/vvveb-stored-xss-via-media-upload-and-rename"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-20T16:16:44Z"
+  }
+}