Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit d04d40f307ae · 2026-01-22T00:32:55.000Z
GHSA-pv3w-w9gj-7hf3 GHSA-26gg-j549-wrrg GHSA-5xc7-frh7-75gx GHSA-75wp-8gpw-f4fr GHSA-7mww-5m6h-hg34 GHSA-g6h8-fgfc-g79v GHSA-h235-mqh4-6cp2 GHSA-rvwq-h638-7j7w GHSA-v6c5-9mp4-mwq4 GHSA-96mr-jqwr-4jfr GHSA-fj27-mvcr-jjvm GHSA-pfq7-53pj-q6wc GHSA-rx3f-2v3q-q7mq
diff --git a/advisories/unreviewed/2024/03/GHSA-pv3w-w9gj-7hf3/GHSA-pv3w-w9gj-7hf3.json b/advisories/unreviewed/2024/03/GHSA-pv3w-w9gj-7hf3/GHSA-pv3w-w9gj-7hf3.json
@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pv3w-w9gj-7hf3",
-  "modified": "2024-03-28T09:31:12Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2024-03-28T09:31:12Z",
   "aliases": [
     "CVE-2023-39309"
   ],
-  "details": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.\n\n",
+  "details": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.",
   "severity": [
     {
       "type": "CVSS_V3",
diff --git a/advisories/unreviewed/2025/10/GHSA-26gg-j549-wrrg/GHSA-26gg-j549-wrrg.json b/advisories/unreviewed/2025/10/GHSA-26gg-j549-wrrg/GHSA-26gg-j549-wrrg.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-26gg-j549-wrrg",
-  "modified": "2025-10-01T12:30:28Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2025-10-01T12:30:28Z",
   "aliases": [
     "CVE-2022-50437"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/hdmi: fix memory corruption with too many bridges\n\nAdd the missing sanity check on the bridge counter to avoid corrupting\ndata beyond the fixed-sized bridge array in case there are ever more\nthan eight bridges.\n\nPatchwork: https://patchwork.freedesktop.org/patch/502670/",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -48,8 +53,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-787"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-10-01T12:15:35Z"
diff --git a/advisories/unreviewed/2025/10/GHSA-5xc7-frh7-75gx/GHSA-5xc7-frh7-75gx.json b/advisories/unreviewed/2025/10/GHSA-5xc7-frh7-75gx/GHSA-5xc7-frh7-75gx.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5xc7-frh7-75gx",
-  "modified": "2025-10-01T12:30:28Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2025-10-01T12:30:28Z",
   "aliases": [
     "CVE-2022-50429"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()\n\nWe should add the of_node_put() when breaking out of\nfor_each_child_of_node() as it will automatically increase\nand decrease the refcount.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -37,7 +42,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-10-01T12:15:34Z"
diff --git a/advisories/unreviewed/2025/10/GHSA-75wp-8gpw-f4fr/GHSA-75wp-8gpw-f4fr.json b/advisories/unreviewed/2025/10/GHSA-75wp-8gpw-f4fr/GHSA-75wp-8gpw-f4fr.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-75wp-8gpw-f4fr",
-  "modified": "2025-10-01T12:30:28Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2025-10-01T12:30:28Z",
   "aliases": [
     "CVE-2022-50438"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hinic: fix memory leak when reading function table\n\nWhen the input parameter idx meets the expected case option in\nhinic_dbg_get_func_table(), read_data is not released. Fix it.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -32,8 +37,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-401"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-10-01T12:15:35Z"
diff --git a/advisories/unreviewed/2025/10/GHSA-7mww-5m6h-hg34/GHSA-7mww-5m6h-hg34.json b/advisories/unreviewed/2025/10/GHSA-7mww-5m6h-hg34/GHSA-7mww-5m6h-hg34.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7mww-5m6h-hg34",
-  "modified": "2025-10-01T12:30:28Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2025-10-01T12:30:28Z",
   "aliases": [
     "CVE-2022-50435"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid crash when inline data creation follows DIO write\n\nWhen inode is created and written to using direct IO, there is nothing\nto clear the EXT4_STATE_MAY_INLINE_DATA flag. Thus when inode gets\ntruncated later to say 1 byte and written using normal write, we will\ntry to store the data as inline data. This confuses the code later\nbecause the inode now has both normal block and inline data allocated\nand the confusion manifests for example as:\n\nkernel BUG at fs/ext4/inode.c:2721!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 0 PID: 359 Comm: repro Not tainted 5.19.0-rc8-00001-g31ba1e3b8305-dirty #15\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014\nRIP: 0010:ext4_writepages+0x363d/0x3660\nRSP: 0018:ffffc90000ccf260 EFLAGS: 00010293\nRAX: ffffffff81e1abcd RBX: 0000008000000000 RCX: ffff88810842a180\nRDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000\nRBP: ffffc90000ccf650 R08: ffffffff81e17d58 R09: ffffed10222c680b\nR10: dfffe910222c680c R11: 1ffff110222c680a R12: ffff888111634128\nR13: ffffc90000ccf880 R14: 0000008410000000 R15: 0000000000000001\nFS:  00007f72635d2640(0000) GS:ffff88811b000000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000565243379180 CR3: 000000010aa74000 CR4: 0000000000150eb0\nCall Trace:\n <TASK>\n do_writepages+0x397/0x640\n filemap_fdatawrite_wbc+0x151/0x1b0\n file_write_and_wait_range+0x1c9/0x2b0\n ext4_sync_file+0x19e/0xa00\n vfs_fsync_range+0x17b/0x190\n ext4_buffered_write_iter+0x488/0x530\n ext4_file_write_iter+0x449/0x1b90\n vfs_write+0xbcd/0xf40\n ksys_write+0x198/0x2c0\n __x64_sys_write+0x7b/0x90\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n </TASK>\n\nFix the problem by clearing EXT4_STATE_MAY_INLINE_DATA when we are doing\ndirect IO write to a file.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -53,7 +58,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-10-01T12:15:35Z"
diff --git a/advisories/unreviewed/2025/10/GHSA-g6h8-fgfc-g79v/GHSA-g6h8-fgfc-g79v.json b/advisories/unreviewed/2025/10/GHSA-g6h8-fgfc-g79v/GHSA-g6h8-fgfc-g79v.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g6h8-fgfc-g79v",
-  "modified": "2025-10-01T12:30:28Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2025-10-01T12:30:28Z",
   "aliases": [
     "CVE-2022-50430"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING\n\nvub300_enable_sdio_irq() works with mutex and need TASK_RUNNING here.\nEnsure that we mark current as TASK_RUNNING for sleepable context.\n\n[   77.554641] do not call blocking ops when !TASK_RUNNING; state=1 set at [<ffffffff92a72c1d>] sdio_irq_thread+0x17d/0x5b0\n[   77.554652] WARNING: CPU: 2 PID: 1983 at kernel/sched/core.c:9813 __might_sleep+0x116/0x160\n[   77.554905] CPU: 2 PID: 1983 Comm: ksdioirqd/mmc1 Tainted: G           OE      6.1.0-rc5 #1\n[   77.554910] Hardware name: Intel(R) Client Systems NUC8i7BEH/NUC8BEB, BIOS BECFL357.86A.0081.2020.0504.1834 05/04/2020\n[   77.554912] RIP: 0010:__might_sleep+0x116/0x160\n[   77.554920] RSP: 0018:ffff888107b7fdb8 EFLAGS: 00010282\n[   77.554923] RAX: 0000000000000000 RBX: ffff888118c1b740 RCX: 0000000000000000\n[   77.554926] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffed1020f6ffa9\n[   77.554928] RBP: ffff888107b7fde0 R08: 0000000000000001 R09: ffffed1043ea60ba\n[   77.554930] R10: ffff88821f5305cb R11: ffffed1043ea60b9 R12: ffffffff93aa3a60\n[   77.554932] R13: 000000000000011b R14: 7fffffffffffffff R15: ffffffffc0558660\n[   77.554934] FS:  0000000000000000(0000) GS:ffff88821f500000(0000) knlGS:0000000000000000\n[   77.554937] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[   77.554939] CR2: 00007f8a44010d68 CR3: 000000024421a003 CR4: 00000000003706e0\n[   77.554942] Call Trace:\n[   77.554944]  <TASK>\n[   77.554952]  mutex_lock+0x78/0xf0\n[   77.554973]  vub300_enable_sdio_irq+0x103/0x3c0 [vub300]\n[   77.554981]  sdio_irq_thread+0x25c/0x5b0\n[   77.555006]  kthread+0x2b8/0x370\n[   77.555017]  ret_from_fork+0x1f/0x30\n[   77.555023]  </TASK>\n[   77.555025] ---[ end trace 0000000000000000 ]---",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -53,7 +58,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-10-01T12:15:34Z"
diff --git a/advisories/unreviewed/2025/10/GHSA-h235-mqh4-6cp2/GHSA-h235-mqh4-6cp2.json b/advisories/unreviewed/2025/10/GHSA-h235-mqh4-6cp2/GHSA-h235-mqh4-6cp2.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h235-mqh4-6cp2",
-  "modified": "2025-10-01T12:30:28Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2025-10-01T12:30:28Z",
   "aliases": [
     "CVE-2022-50436"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don't set up encryption key during jbd2 transaction\n\nCommit a80f7fcf1867 (\"ext4: fixup ext4_fc_track_* functions' signature\")\nextended the scope of the transaction in ext4_unlink() too far, making\nit include the call to ext4_find_entry().  However, ext4_find_entry()\ncan deadlock when called from within a transaction because it may need\nto set up the directory's encryption key.\n\nFix this by restoring the transaction to its original scope.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -37,7 +42,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-10-01T12:15:35Z"
diff --git a/advisories/unreviewed/2025/10/GHSA-rvwq-h638-7j7w/GHSA-rvwq-h638-7j7w.json b/advisories/unreviewed/2025/10/GHSA-rvwq-h638-7j7w/GHSA-rvwq-h638-7j7w.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-rvwq-h638-7j7w",
-  "modified": "2025-10-01T12:30:28Z",
+  "modified": "2026-01-22T00:31:29Z",
   "published": "2025-10-01T12:30:28Z",
   "aliases": [
     "CVE-2022-50440"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Validate the box size for the snooped cursor\n\nInvalid userspace dma surface copies could potentially overflow\nthe memcpy from the surface to the snooped image leading to crashes.\nTo fix it the dimensions of the copybox have to be validated\nagainst the expected size of the snooped cursor.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -52,8 +57,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-476"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-10-01T12:15:36Z"
diff --git a/advisories/unreviewed/2025/11/GHSA-v6c5-9mp4-mwq4/GHSA-v6c5-9mp4-mwq4.json b/advisories/unreviewed/2025/11/GHSA-v6c5-9mp4-mwq4/GHSA-v6c5-9mp4-mwq4.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-v6c5-9mp4-mwq4",
-  "modified": "2025-11-26T15:34:12Z",
+  "modified": "2026-01-22T00:31:30Z",
   "published": "2025-11-26T15:34:12Z",
   "aliases": [
     "CVE-2025-13601"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:0936"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-13601"
diff --git a/advisories/unreviewed/2025/12/GHSA-96mr-jqwr-4jfr/GHSA-96mr-jqwr-4jfr.json b/advisories/unreviewed/2025/12/GHSA-96mr-jqwr-4jfr/GHSA-96mr-jqwr-4jfr.json
@@ -42,7 +42,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-74"
+      "CWE-74",
+      "CWE-89"
     ],
     "severity": "MODERATE",
     "github_reviewed": false,
diff --git a/advisories/unreviewed/2026/01/GHSA-fj27-mvcr-jjvm/GHSA-fj27-mvcr-jjvm.json b/advisories/unreviewed/2026/01/GHSA-fj27-mvcr-jjvm/GHSA-fj27-mvcr-jjvm.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-fj27-mvcr-jjvm",
+  "modified": "2026-01-22T00:31:31Z",
+  "published": "2026-01-22T00:31:31Z",
+  "aliases": [
+    "CVE-2026-1036"
+  ],
+  "details": "The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_comment() function in all versions up to, and including, 1.8.36. This makes it possible for unauthenticated attackers to delete arbitrary image comments. Note: comments functionality is only available in the Pro version of the plugin.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1036"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.35/frontend/controllers/BWGControllerGalleryBox.php#L173"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4eb2ae42-584d-4da8-9184-461b5a37b7b6?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-862"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-22T00:15:51Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-pfq7-53pj-q6wc/GHSA-pfq7-53pj-q6wc.json b/advisories/unreviewed/2026/01/GHSA-pfq7-53pj-q6wc/GHSA-pfq7-53pj-q6wc.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pfq7-53pj-q6wc",
-  "modified": "2026-01-19T15:30:37Z",
+  "modified": "2026-01-22T00:31:30Z",
   "published": "2026-01-19T15:30:37Z",
   "aliases": [
     "CVE-2026-1181"
@@ -26,6 +26,7 @@
   ],
   "database_specific": {
     "cwe_ids": [
+      "CWE-284",
       "CWE-79"
     ],
     "severity": "CRITICAL",
diff --git a/advisories/unreviewed/2026/01/GHSA-rx3f-2v3q-q7mq/GHSA-rx3f-2v3q-q7mq.json b/advisories/unreviewed/2026/01/GHSA-rx3f-2v3q-q7mq/GHSA-rx3f-2v3q-q7mq.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-rx3f-2v3q-q7mq",
-  "modified": "2026-01-16T00:30:54Z",
+  "modified": "2026-01-22T00:31:30Z",
   "published": "2026-01-16T00:30:54Z",
   "aliases": [
     "CVE-2023-7334"
