Vulnerability-Lookup

WID-SEC-W-2026-1007

Vulnerability from csaf_certbund - Published: 2026-04-07 22:00 - Updated: 2026-06-11 22:00

Summary

IBM App Connect Enterprise: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: IBM App Connect Enterprise kombiniert die branchenbewährten Technologien des IBM Integration Bus mit Cloud-nativen Technologien.

Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM App Connect Enterprise ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuführen, um Informationen offenzulegen, um Dateien zu manipulieren, um einen Cross-Site Scripting Angriff durchzuführen, um einen SQL-Injection Angriff durchzuführen, und um beliebigen Programmcode auszuführen.

Betroffene Betriebssysteme: - Linux - Sonstiges - UNIX - Windows

CVE-2025-14550

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-14831

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-15281

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-15366

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-15367

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-15599

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-55130

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-55131

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-55132

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-59465

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-59466

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-68470

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2025-9820

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-0540

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-0861

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-0915

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-0980

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1207

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1285

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1287

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1299

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1312

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1530

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1531

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-1961

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-21637

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-22029

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-23490

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-2436

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-25518

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-27137

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-27138

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-27959

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-29063

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-29087

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-30922

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-3632

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-3633

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-3634

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-3731

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-4271

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-4324

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

CVE-2026-5119

Affected products

Known affected 5 products

Product	Identifier	Version
Red Hat Enterprise Linux 10.0 Extended Update Support Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:10.0_extended_update_support`	10.0 Extended Update Support
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IBM QRadar SIEM IBM	`cpe:/a:ibm:qradar_siem:-`	—
IBM App Connect Enterprise <13.0.7.1 IBM / App Connect Enterprise		<13.0.7.1

References

14 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7268737	external
https://www.ibm.com/support/pages/node/7268738	external
https://www.ibm.com/support/pages/node/7268740	external
https://www.ibm.com/support/pages/node/7268741	external
https://www.ibm.com/support/pages/node/7268743	external
https://www.ibm.com/support/pages/node/7268744	external
https://www.ibm.com/support/pages/node/7268745	external
https://www.ibm.com/support/pages/node/7268747	external
https://access.redhat.com/errata/RHSA-2026:14087	external
https://access.redhat.com/errata/RHSA-2026:17083	external
https://www.ibm.com/support/pages/node/7274746	external
https://www.ibm.com/support/pages/node/7275963	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM App Connect Enterprise kombiniert die branchenbew\u00e4hrten Technologien des IBM Integration Bus mit Cloud-nativen Technologien.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in IBM App Connect Enterprise ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuf\u00fchren, um Informationen offenzulegen, um Dateien zu manipulieren, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, um einen SQL-Injection Angriff durchzuf\u00fchren, und um beliebigen Programmcode auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1007 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1007.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1007 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1007"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268737 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268737"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268738 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268738"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268740 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268740"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268741 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268741"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268743 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268743"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268744 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268744"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268745 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268745"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7268747 vom 2026-04-07",
        "url": "https://www.ibm.com/support/pages/node/7268747"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14087 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14087"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17083 vom 2026-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:17083"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7274746 vom 2026-06-01",
        "url": "https://www.ibm.com/support/pages/node/7274746"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7275963 vom 2026-06-11",
        "url": "https://www.ibm.com/support/pages/node/7275963"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM App Connect Enterprise: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-11T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-12T07:37:37.117+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1007",
      "initial_release_date": "2026-04-07T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-04-07T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-05-06T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-14T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-06-01T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2026-06-11T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c13.0.7.1",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c13.0.7.1",
                  "product_id": "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
                }
              },
              {
                "category": "product_version",
                "name": "13.0.7.1",
                "product": {
                  "name": "IBM App Connect Enterprise 13.0.7.1",
                  "product_id": "2F33676F-DD00-4E4F-ADCC-F29993D51A12-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:13.0.7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM App Connect Enterprise",
                "product": {
                  "name": "IBM App Connect Enterprise",
                  "product_id": "T052517",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "App Connect Enterprise"
          },
          {
            "category": "product_name",
            "name": "IBM QRadar SIEM",
            "product": {
              "name": "IBM QRadar SIEM",
              "product_id": "T021415",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:qradar_siem:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.0 Extended Update Support",
                "product": {
                  "name": "Red Hat Enterprise Linux 10.0 Extended Update Support",
                  "product_id": "T054024",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.0_extended_update_support"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-14550",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-14550"
    },
    {
      "cve": "CVE-2025-14831",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-14831"
    },
    {
      "cve": "CVE-2025-15281",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-15281"
    },
    {
      "cve": "CVE-2025-15366",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-15366"
    },
    {
      "cve": "CVE-2025-15367",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-15367"
    },
    {
      "cve": "CVE-2025-15599",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-15599"
    },
    {
      "cve": "CVE-2025-55130",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-55130"
    },
    {
      "cve": "CVE-2025-55131",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-55131"
    },
    {
      "cve": "CVE-2025-55132",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-55132"
    },
    {
      "cve": "CVE-2025-59465",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-59465"
    },
    {
      "cve": "CVE-2025-59466",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-59466"
    },
    {
      "cve": "CVE-2025-68470",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-68470"
    },
    {
      "cve": "CVE-2025-9820",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-9820"
    },
    {
      "cve": "CVE-2026-0540",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-0540"
    },
    {
      "cve": "CVE-2026-0861",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-0861"
    },
    {
      "cve": "CVE-2026-0915",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-0915"
    },
    {
      "cve": "CVE-2026-0980",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-0980"
    },
    {
      "cve": "CVE-2026-1207",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1207"
    },
    {
      "cve": "CVE-2026-1285",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1285"
    },
    {
      "cve": "CVE-2026-1287",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1287"
    },
    {
      "cve": "CVE-2026-1299",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1299"
    },
    {
      "cve": "CVE-2026-1312",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1312"
    },
    {
      "cve": "CVE-2026-1530",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1530"
    },
    {
      "cve": "CVE-2026-1531",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1531"
    },
    {
      "cve": "CVE-2026-1961",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-1961"
    },
    {
      "cve": "CVE-2026-21637",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-21637"
    },
    {
      "cve": "CVE-2026-22029",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-22029"
    },
    {
      "cve": "CVE-2026-23490",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-23490"
    },
    {
      "cve": "CVE-2026-2436",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-2436"
    },
    {
      "cve": "CVE-2026-25518",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-25518"
    },
    {
      "cve": "CVE-2026-27137",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-27137"
    },
    {
      "cve": "CVE-2026-27138",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-27138"
    },
    {
      "cve": "CVE-2026-27959",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-27959"
    },
    {
      "cve": "CVE-2026-29063",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-29063"
    },
    {
      "cve": "CVE-2026-29087",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-29087"
    },
    {
      "cve": "CVE-2026-30922",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-30922"
    },
    {
      "cve": "CVE-2026-3632",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-3632"
    },
    {
      "cve": "CVE-2026-3633",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-3633"
    },
    {
      "cve": "CVE-2026-3634",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-3634"
    },
    {
      "cve": "CVE-2026-3731",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-3731"
    },
    {
      "cve": "CVE-2026-4271",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-4271"
    },
    {
      "cve": "CVE-2026-4324",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-4324"
    },
    {
      "cve": "CVE-2026-5119",
      "product_status": {
        "known_affected": [
          "T054024",
          "T052517",
          "67646",
          "T021415",
          "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
        ]
      },
      "release_date": "2026-04-07T22:00:00.000+00:00",
      "title": "CVE-2026-5119"
    }
  ]
}

CVE-2025-14550 (GCVE-0-2025-14550)

Vulnerability from cvelistv5 – Published: 2026-02-03 14:38 – Updated: 2026-02-03 16:27

Title

Potential denial-of-service vulnerability via repeated headers when using ASGI

Summary

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. `ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Jiyong Yang for reporting this issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-407 - Inefficient Algorithmic Complexity

Assigner

DSF

References

3 references

URL	Tags
https://docs.djangoproject.com/en/dev/releases/se…	vendor-advisory
https://groups.google.com/g/django-announce	mailing-list
https://www.djangoproject.com/weblog/2026/feb/03/…	vendor-advisory

Impacted products

2 products

Vendor	Product	Version
djangoproject	Django	Affected: 6.0 , < 6.0.2 (semver) Unaffected: 6.0.2 (semver) Affected: 5.2 , < 5.2.11 (semver) Unaffected: 5.2.11 (semver) Affected: 4.2 , < 4.2.28 (semver) Unaffected: 4.2.28 (semver)
djangoproject	asgiref	Affected: 3 , < 3.11.1 (semver) Unaffected: 3.11.1 (semver)

Date Public

2026-02-03 08:00

Credits

Jiyong Yang Jake Howard Jacob Walls

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-14550",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-03T16:27:25.280447Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-03T16:27:38.976Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pypi.org/project/Django/",
          "defaultStatus": "unaffected",
          "packageName": "django",
          "product": "Django",
          "repo": "https://github.com/django/django/",
          "vendor": "djangoproject",
          "versions": [
            {
              "lessThan": "6.0.2",
              "status": "affected",
              "version": "6.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "6.0.2",
              "versionType": "semver"
            },
            {
              "lessThan": "5.2.11",
              "status": "affected",
              "version": "5.2",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "5.2.11",
              "versionType": "semver"
            },
            {
              "lessThan": "4.2.28",
              "status": "affected",
              "version": "4.2",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "4.2.28",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://pypi.org/project/asgiref/",
          "defaultStatus": "unaffected",
          "packageName": "asgiref",
          "product": "asgiref",
          "repo": "https://github.com/django/asgiref/",
          "vendor": "djangoproject",
          "versions": [
            {
              "lessThan": "3.11.1",
              "status": "affected",
              "version": "3",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "3.11.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jiyong Yang"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Jake Howard"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "Jacob Walls"
        }
      ],
      "datePublic": "2026-02-03T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.\u003c/p\u003e\u003cp\u003e`ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers.\u003c/p\u003e\u003cp\u003eEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\u003c/p\u003e\u003cp\u003eDjango would like to thank Jiyong Yang for reporting this issue.\u003c/p\u003e"
            }
          ],
          "value": "An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.\n`ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Jiyong Yang for reporting this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-130",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-130: Excessive Allocation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://docs.djangoproject.com/en/dev/internals/security/#security-issue-severity-levels",
              "value": "moderate"
            },
            "type": "Django severity rating"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-407",
              "description": "CWE-407: Inefficient Algorithmic Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-03T14:38:15.875Z",
        "orgId": "6a34fbeb-21d4-45e7-8e0a-62b95bc12c92",
        "shortName": "DSF"
      },
      "references": [
        {
          "name": "Django security archive",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://docs.djangoproject.com/en/dev/releases/security/"
        },
        {
          "name": "Django releases announcements",
          "tags": [
            "mailing-list"
          ],
          "url": "https://groups.google.com/g/django-announce"
        },
        {
          "name": "Django security releases issued: 6.0.2, 5.2.11, and 4.2.28",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.djangoproject.com/weblog/2026/feb/03/security-releases/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-11-14T18:00:00.000Z",
          "value": "Initial report received."
        },
        {
          "lang": "en",
          "time": "2025-12-16T18:00:00.000Z",
          "value": "Vulnerability confirmed."
        },
        {
          "lang": "en",
          "time": "2026-02-03T08:00:00.000Z",
          "value": "Security release issued."
        }
      ],
      "title": "Potential denial-of-service vulnerability via repeated headers when using ASGI",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6a34fbeb-21d4-45e7-8e0a-62b95bc12c92",
    "assignerShortName": "DSF",
    "cveId": "CVE-2025-14550",
    "datePublished": "2026-02-03T14:38:15.875Z",
    "dateReserved": "2025-12-11T20:08:21.400Z",
    "dateUpdated": "2026-02-03T16:27:38.976Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14831 (GCVE-0-2025-14831)

Vulnerability from cvelistv5 – Published: 2026-02-09 14:51 – Updated: 2026-06-10 17:34

Title

Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification

Summary

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-407 - Inefficient Algorithmic Complexity

Assigner

redhat

References

25 references

URL	Tags
https://access.redhat.com/errata/RHSA-2026:13812	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:16008	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:16009	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:16174	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:25096	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3477	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4188	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4655	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4943	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:5585	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:5606	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:6618	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:6630	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:6737	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:6738	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:7329	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:7335	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:7477	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:8746	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:8747	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:8748	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-14831	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2423177	issue-trackingx_refsource_REDHAT
https://gitlab.com/gnutls/gnutls/-/issues/1773
https://cert-portal.siemens.com/productcert/html/…

Impacted products

35 products

Vendor	Product	Version
Red Hat	Red Hat Enterprise Linux 10	Unaffected: 0:3.8.10-3.el10_1 , < * (rpm) cpe:/o:redhat:enterprise_linux:10.1
Red Hat	Red Hat Enterprise Linux 10.0 Extended Update Support	Unaffected: 0:3.8.9-9.el10_0.17 , < * (rpm) cpe:/o:redhat:enterprise_linux_eus:10.0
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:3.6.16-8.el8_10.5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:3.8.3-10.el9_7 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:3.7.6-21.el9_2.5 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/o:redhat:rhel_e4s:9.2::baseos
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:3.8.3-4.el9_4.5 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:rhel_eus:9.4::baseos
Red Hat	Red Hat Enterprise Linux 9.6 Extended Update Support	Unaffected: 0:3.8.3-6.el9_6.3 , < * (rpm) cpe:/a:redhat:rhel_eus:9.6::appstream cpe:/o:redhat:rhel_eus:9.6::baseos
Red Hat	RHEL-8 based Middleware Containers	Unaffected: 7.13.5-4.1777325677 , < * (rpm) cpe:/a:redhat:rhosemc:1.0::el8
Red Hat	RHEL-8 based Middleware Containers	Unaffected: 7.13.5-4.1777325711 , < * (rpm) cpe:/a:redhat:rhosemc:1.0::el8
Red Hat	RHEL-8 based Middleware Containers	Unaffected: 7.13.5-4.1777325710 , < * (rpm) cpe:/a:redhat:rhosemc:1.0::el8
Red Hat	RHEL-8 based Middleware Containers	Unaffected: 7.13.5-3.1777325680 , < * (rpm) cpe:/a:redhat:rhosemc:1.0::el8
Red Hat	RHEL-8 based Middleware Containers	Unaffected: 7.13.5-4.1777325709 , < * (rpm) cpe:/a:redhat:rhosemc:1.0::el8
Red Hat	RHEL-8 based Middleware Containers	Unaffected: 7.13.5-4.1777325680 , < * (rpm) cpe:/a:redhat:rhosemc:1.0::el8
Red Hat	RHEL-8 based Middleware Containers	Unaffected: 7.13.5-4.1777325708 , < * (rpm) cpe:/a:redhat:rhosemc:1.0::el8
Red Hat	Red Hat AI Inference Server 3.2	Unaffected: 1780681984 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.2::el9
Red Hat	Red Hat AI Inference Server 3.2	Unaffected: 1775740563 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.2::el9
Red Hat	Red Hat AI Inference Server 3.3	Unaffected: 1778244559 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.3::el9
Red Hat	Red Hat AI Inference Server 3.3	Unaffected: 1778244531 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.3::el9
Red Hat	Red Hat AI Inference Server 3.3	Unaffected: 1778244546 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.3::el9
Red Hat	Red Hat AI Inference Server 3.3	Unaffected: 1775680192 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.3::el9
Red Hat	Red Hat AI Inference Server 3.3	Unaffected: 1775680262 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.3::el9
Red Hat	Red Hat AI Inference Server 3.3	Unaffected: 1775749857 , < * (rpm) cpe:/a:redhat:ai_inference_server:3.3::el9
Red Hat	Red Hat Ceph Storage 8	Unaffected: 1774002867 , < * (rpm) cpe:/a:redhat:ceph_storage:8::el9
Red Hat	Red Hat Discovery 2	Unaffected: 1775668717 , < * (rpm) cpe:/a:redhat:discovery:2::el9
Red Hat	Red Hat Discovery 2	Unaffected: 1775675922 , < * (rpm) cpe:/a:redhat:discovery:2::el9
Red Hat	Red Hat Hardened Images	Unaffected: 3.8.12-1.1.hum1 , < * (rpm) cpe:/a:redhat:hummingbird:1
Red Hat	Red Hat Insights proxy 1.5	Unaffected: 1773685509 , < * (rpm) cpe:/a:redhat:insights_proxy:1.5::el9
Red Hat	Red Hat Update Infrastructure 5	Unaffected: 1773670073 , < * (rpm) cpe:/a:redhat:rhui:5::el9
Red Hat	Red Hat Update Infrastructure 5	Unaffected: 1773672059 , < * (rpm) cpe:/a:redhat:rhui:5::el9
Red Hat	Red Hat Update Infrastructure 5	Unaffected: 1773668803 , < * (rpm) cpe:/a:redhat:rhui:5::el9
Red Hat	Red Hat Update Infrastructure 5	Unaffected: 1773670137 , < * (rpm) cpe:/a:redhat:rhui:5::el9
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Siemens	SIMATIC CN 4100	Affected: 0 , < V5.0 (custom)

Date Public

2026-02-09 14:26

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14831",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-09T15:25:49.680881Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-09T15:26:01.239Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC CN 4100",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V5.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T12:02:57.683Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.1"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.10-3.el10_1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux_eus:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.9-9.el10_0.17",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_10.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_10.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-10.el9_7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-10.el9_7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-21.el9_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.6::appstream",
            "cpe:/o:redhat:rhel_eus:9.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-6.el9_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhpam-7/rhpam-businesscentral-monitoring-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.13.5-4.1777325677",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhpam-7/rhpam-businesscentral-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.13.5-4.1777325711",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhpam-7/rhpam-controller-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.13.5-4.1777325710",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhpam-7/rhpam-dashbuilder-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.13.5-3.1777325680",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhpam-7/rhpam-kieserver-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.13.5-4.1777325709",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhpam-7/rhpam-process-migration-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.13.5-4.1777325680",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhpam-7/rhpam-smartrouter-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.13.5-4.1777325708",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/model-opt-cuda-rhel9",
          "product": "Red Hat AI Inference Server 3.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1780681984",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/vllm-cuda-rhel9",
          "product": "Red Hat AI Inference Server 3.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1775740563",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/model-opt-cuda-rhel9",
          "product": "Red Hat AI Inference Server 3.3",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1778244559",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/vllm-rocm-rhel9",
          "product": "Red Hat AI Inference Server 3.3",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1778244531",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/vllm-spyre-rhel9",
          "product": "Red Hat AI Inference Server 3.3",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1778244546",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/vllm-cuda-rhel9",
          "product": "Red Hat AI Inference Server 3.3",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1775680192",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/vllm-rocm-rhel9",
          "product": "Red Hat AI Inference Server 3.3",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1775680262",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ai_inference_server:3.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhaiis/model-opt-cuda-rhel9",
          "product": "Red Hat AI Inference Server 3.3",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1775749857",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/rhceph-8-rhel9",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1774002867",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1775668717",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1775675922",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:hummingbird:1"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls-main",
          "product": "Red Hat Hardened Images",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.8.12-1.1.hum1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1773685509",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhui:5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhui5/cds-rhel9",
          "product": "Red Hat Update Infrastructure 5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1773670073",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhui:5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhui5/haproxy-rhel9",
          "product": "Red Hat Update Infrastructure 5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1773672059",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhui:5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhui5/installer-rhel9",
          "product": "Red Hat Update Infrastructure 5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1773668803",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhui:5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhui5/rhua-rhel9",
          "product": "Red Hat Update Infrastructure 5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1773670137",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2026-02-09T14:26:34.939Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-407",
              "description": "Inefficient Algorithmic Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T17:34:40.704Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2026:13812",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:13812"
        },
        {
          "name": "RHSA-2026:16008",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:16008"
        },
        {
          "name": "RHSA-2026:16009",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:16009"
        },
        {
          "name": "RHSA-2026:16174",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:16174"
        },
        {
          "name": "RHSA-2026:25096",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:25096"
        },
        {
          "name": "RHSA-2026:3477",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:3477"
        },
        {
          "name": "RHSA-2026:4188",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:4188"
        },
        {
          "name": "RHSA-2026:4655",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:4655"
        },
        {
          "name": "RHSA-2026:4943",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:4943"
        },
        {
          "name": "RHSA-2026:5585",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:5585"
        },
        {
          "name": "RHSA-2026:5606",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:5606"
        },
        {
          "name": "RHSA-2026:6618",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:6618"
        },
        {
          "name": "RHSA-2026:6630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:6630"
        },
        {
          "name": "RHSA-2026:6737",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:6737"
        },
        {
          "name": "RHSA-2026:6738",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:6738"
        },
        {
          "name": "RHSA-2026:7329",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:7329"
        },
        {
          "name": "RHSA-2026:7335",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:7335"
        },
        {
          "name": "RHSA-2026:7477",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:7477"
        },
        {
          "name": "RHSA-2026:8746",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:8746"
        },
        {
          "name": "RHSA-2026:8747",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:8747"
        },
        {
          "name": "RHSA-2026:8748",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:8748"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-14831"
        },
        {
          "name": "RHBZ#2423177",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177"
        },
        {
          "url": "https://gitlab.com/gnutls/gnutls/-/issues/1773"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-17T14:48:30.222Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-02-09T14:26:34.939Z",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-407: Inefficient Algorithmic Complexity"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-14831",
    "datePublished": "2026-02-09T14:51:32.447Z",
    "dateReserved": "2025-12-17T14:44:59.859Z",
    "dateUpdated": "2026-06-10T17:34:40.704Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-15281 (GCVE-0-2025-15281)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:22 – Updated: 2026-01-22 19:21

Title

wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

Summary

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-908 - Use of Uninitialized Resource

Assigner

glibc

References

2 references

URL	Tags
https://sourceware.org/bugzilla/show_bug.cgi?id=33814
http://www.openwall.com/lists/oss-security/2026/01/20/3

Impacted products

1 product

Vendor	Product	Version
The GNU C Library	glibc	Affected: 2.0 , ≤ 2.42 (custom)

Credits

Vitaly Simonovich

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-01-20T17:08:42.853Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/01/20/3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-15281",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-22T19:21:34.491759Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-22T19:21:38.455Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "glibc",
          "vendor": "The GNU C Library",
          "versions": [
            {
              "lessThanOrEqual": "2.42",
              "status": "affected",
              "version": "2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Vitaly Simonovich"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eCalling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.\u003c/div\u003e"
            }
          ],
          "value": "Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129 Pointer Manipulation"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908 Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:22:46.495Z",
        "orgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
        "shortName": "glibc"
      },
      "references": [
        {
          "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33814"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
    "assignerShortName": "glibc",
    "cveId": "CVE-2025-15281",
    "datePublished": "2026-01-20T13:22:46.495Z",
    "dateReserved": "2025-12-29T20:07:29.736Z",
    "dateUpdated": "2026-01-22T19:21:38.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-15366 (GCVE-0-2025-15366)

Vulnerability from cvelistv5 – Published: 2026-01-20 21:40 – Updated: 2026-02-26 14:44

Title

IMAP command injection in user-controlled commands

Summary

The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

Severity

5.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Assigner

PSF

References

4 references

URL	Tags
https://github.com/python/cpython/issues/143921	issue-tracking
https://github.com/python/cpython/pull/143922	patch
https://mail.python.org/archives/list/security-an…	vendor-advisory
https://github.com/python/cpython/commit/6262704b…	patch

Impacted products

1 product

Vendor	Product	Version
Python Software Foundation	CPython	Affected: 0 , < 3.15.0a6 (python)

Credits

Omar M. Hasan

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-15366",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-22T04:55:32.252111Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:41.682Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "imaplib"
          ],
          "product": "CPython",
          "repo": "https://github.com/python/cpython",
          "vendor": "Python Software Foundation",
          "versions": [
            {
              "lessThan": "3.15.0a6",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Omar M. Hasan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters."
            }
          ],
          "value": "The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T16:12:34.324Z",
        "orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
        "shortName": "PSF"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/python/cpython/issues/143921"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/pull/143922"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/6262704b134db2a4ba12e85ecfbd968534f28b45"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IMAP command injection in user-controlled commands",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
    "assignerShortName": "PSF",
    "cveId": "CVE-2025-15366",
    "datePublished": "2026-01-20T21:40:24.938Z",
    "dateReserved": "2025-12-30T16:06:41.731Z",
    "dateUpdated": "2026-02-26T14:44:41.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-15367 (GCVE-0-2025-15367)

Vulnerability from cvelistv5 – Published: 2026-01-20 21:47 – Updated: 2026-02-26 14:44

Title

POP3 command injection in user-controlled commands

Summary

The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.

Severity

5.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Assigner

PSF

References

4 references

URL	Tags
https://github.com/python/cpython/pull/143924	patch
https://github.com/python/cpython/issues/143923	issue-tracking
https://mail.python.org/archives/list/security-an…	vendor-advisory
https://github.com/python/cpython/commit/b234a2b6…	patch

Impacted products

1 product

Vendor	Product	Version
Python Software Foundation	CPython	Affected: 0 , < 3.15.0a6 (python)

Credits

Omar M. Hasan

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-15367",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-22T04:55:33.480214Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:41.341Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "poplib"
          ],
          "product": "CPython",
          "repo": "https://github.com/python/cpython",
          "vendor": "Python Software Foundation",
          "versions": [
            {
              "lessThan": "3.15.0a6",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Omar M. Hasan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The poplib module, when passed a user-controlled command, can have\nadditional commands injected using newlines. Mitigation rejects commands\ncontaining control characters."
            }
          ],
          "value": "The poplib module, when passed a user-controlled command, can have\nadditional commands injected using newlines. Mitigation rejects commands\ncontaining control characters."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T16:12:35.845Z",
        "orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
        "shortName": "PSF"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/pull/143924"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/python/cpython/issues/143923"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/CBFBOWVGGUJFSGITQCCBZS4GEYYZ7ZNE/"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/b234a2b67539f787e191d2ef19a7cbdce32874e7"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "POP3 command injection in user-controlled commands",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
    "assignerShortName": "PSF",
    "cveId": "CVE-2025-15367",
    "datePublished": "2026-01-20T21:47:09.885Z",
    "dateReserved": "2025-12-30T16:06:42.288Z",
    "dateUpdated": "2026-02-26T14:44:41.341Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-15599 (GCVE-0-2025-15599)

Vulnerability from cvelistv5 – Published: 2026-03-03 17:26 – Updated: 2026-03-03 19:05

Title

DOMPurify XSS via Textarea Rawtext Bypass in SAFE_FOR_XML

Summary

DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting missing textarea rawtext element validation in the SAFE_FOR_XML regex. Attackers can include closing rawtext tags like </textarea> in attribute values to break out of rawtext contexts and execute JavaScript when sanitized output is placed inside rawtext elements. The 3.x branch was fixed in 3.2.7; the 2.x branch was never patched.

Severity

5.1 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

VulnCheck

References

3 references

URL	Tags
https://github.com/cure53/DOMPurify	product
https://github.com/cure53/DOMPurify/commit/c861f5…	patch
https://www.vulncheck.com/advisories/dompurify-xs…	third-party-advisory

Impacted products

1 product

Vendor	Product	Version
cure53	DOMPurify	Affected: 3.1.3 , ≤ 3.2.6 (semver) Unaffected: 3.2.7 (semver) Affected: 2.5.3 , ≤ 2.5.8 (semver)

Credits

Scott Moore - VulnCheck

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-15599",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-03T19:05:27.449675Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-03T19:05:42.548Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DOMPurify",
          "vendor": "cure53",
          "versions": [
            {
              "lessThanOrEqual": "3.2.6",
              "status": "affected",
              "version": "3.1.3",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "3.2.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.5.8",
              "status": "affected",
              "version": "2.5.3",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "3.2.6",
                  "versionStartIncluding": "3.1.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "2.5.8",
                  "versionStartIncluding": "2.5.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Scott Moore - VulnCheck"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting missing textarea rawtext element validation in the SAFE_FOR_XML regex. Attackers can include closing rawtext tags like \u003c/textarea\u003e in attribute values to break out of rawtext contexts and execute JavaScript when sanitized output is placed inside rawtext elements. The 3.x branch was fixed in 3.2.7; the 2.x branch was never patched."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-03T18:06:06.815Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "DOMPurify GitHub Repository",
          "tags": [
            "product"
          ],
          "url": "https://github.com/cure53/DOMPurify"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/cure53/DOMPurify/commit/c861f5a83fb8d90800f1680f855fee551161ac2b"
        },
        {
          "name": "VulnCheck Advisory: DOMPurify XSS via Textarea Rawtext Bypass in SAFE_FOR_XML",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/dompurify-xss-via-textarea-rawtext-bypass-in-safe-for-xml"
        }
      ],
      "title": "DOMPurify XSS via Textarea Rawtext Bypass in SAFE_FOR_XML",
      "x_generator": {
        "engine": "scooter"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2025-15599",
    "datePublished": "2026-03-03T17:26:05.711Z",
    "dateReserved": "2026-03-03T16:11:56.845Z",
    "dateUpdated": "2026-03-03T19:05:42.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-55130 (GCVE-0-2025-55130)

Vulnerability from cvelistv5 – Published: 2026-01-20 20:41 – Updated: 2026-02-26 14:44

Summary

A flaw in Node.js’s Permissions model allows attackers to bypass `--allow-fs-read` and `--allow-fs-write` restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files. This breaks the expected isolation guarantees and enables arbitrary file read/write, leading to potential system compromise. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.

Severity

7.1 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-289 - Authentication Bypass by Alternate Name

Assigner

hackerone

References

1 reference

URL	Tags
https://nodejs.org/en/blog/vulnerability/december…

Impacted products

1 product

Vendor	Product	Version
nodejs	node	Affected: 20.19.6 , ≤ 20.19.6 (semver) Affected: 22.21.1 , ≤ 22.21.1 (semver) Affected: 24.12.0 , ≤ 24.12.0 (semver) Affected: 25.2.1 , ≤ 25.2.1 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-55130",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-22T04:55:29.925532Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-289",
                "description": "CWE-289 Authentication Bypass by Alternate Name",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:42.329Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "node",
          "vendor": "nodejs",
          "versions": [
            {
              "lessThanOrEqual": "20.19.6",
              "status": "affected",
              "version": "20.19.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.21.1",
              "status": "affected",
              "version": "22.21.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "24.12.0",
              "status": "affected",
              "version": "24.12.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "25.2.1",
              "status": "affected",
              "version": "25.2.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw in Node.js\u2019s Permissions model allows attackers to bypass `--allow-fs-read` and `--allow-fs-write` restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files. This breaks the expected isolation guarantees and enables arbitrary file read/write, leading to potential system compromise.\nThis vulnerability affects users of the permission model on Node.js v20,  v22,  v24, and v25."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T20:41:55.393Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2025-55130",
    "datePublished": "2026-01-20T20:41:55.393Z",
    "dateReserved": "2025-08-07T15:00:05.576Z",
    "dateUpdated": "2026-02-26T14:44:42.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-55131 (GCVE-0-2025-55131)

Vulnerability from cvelistv5 – Published: 2026-01-20 20:41 – Updated: 2026-02-27 15:11

Summary

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the `vm` module with the timeout option. Under specific timing conditions, buffers allocated with `Buffer.alloc` and other `TypedArray` instances like `Uint8Array` may contain leftover data from previous operations, allowing in-process secrets like tokens or passwords to leak or causing data corruption. While exploitation typically requires precise timing or in-process code execution, it can become remotely exploitable when untrusted input influences workload and timeouts, leading to potential confidentiality and integrity impact.

Severity

7.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

hackerone

References

1 reference

URL	Tags
https://nodejs.org/en/blog/vulnerability/december…

Impacted products

1 product

Vendor	Product	Version
nodejs	node	Affected: 20.19.6 , ≤ 20.19.6 (semver) Affected: 22.21.1 , ≤ 22.21.1 (semver) Affected: 24.12.0 , ≤ 24.12.0 (semver) Affected: 25.2.1 , ≤ 25.2.1 (semver) Affected: 4.0 , < 4.* (semver) Affected: 5.0 , < 5.* (semver) Affected: 6.0 , < 6.* (semver) Affected: 7.0 , < 7.* (semver) Affected: 8.0 , < 8.* (semver) Affected: 9.0 , < 9.* (semver) Affected: 10.0 , < 10.* (semver) Affected: 11.0 , < 11.* (semver) Affected: 12.0 , < 12.* (semver) Affected: 13.0 , < 13.* (semver) Affected: 14.0 , < 14.* (semver) Affected: 15.0 , < 15.* (semver) Affected: 16.0 , < 16.* (semver) Affected: 17.0 , < 17.* (semver) Affected: 18.0 , < 18.* (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-55131",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-22T04:55:31.057208Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-27T15:11:22.041Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "node",
          "vendor": "nodejs",
          "versions": [
            {
              "lessThanOrEqual": "20.19.6",
              "status": "affected",
              "version": "20.19.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.21.1",
              "status": "affected",
              "version": "22.21.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "24.12.0",
              "status": "affected",
              "version": "24.12.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "25.2.1",
              "status": "affected",
              "version": "25.2.1",
              "versionType": "semver"
            },
            {
              "lessThan": "4.*",
              "status": "affected",
              "version": "4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.*",
              "status": "affected",
              "version": "5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "6.*",
              "status": "affected",
              "version": "6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "7.*",
              "status": "affected",
              "version": "7.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.*",
              "status": "affected",
              "version": "8.0",
              "versionType": "semver"
            },
            {
              "lessThan": "9.*",
              "status": "affected",
              "version": "9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "10.*",
              "status": "affected",
              "version": "10.0",
              "versionType": "semver"
            },
            {
              "lessThan": "11.*",
              "status": "affected",
              "version": "11.0",
              "versionType": "semver"
            },
            {
              "lessThan": "12.*",
              "status": "affected",
              "version": "12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "13.*",
              "status": "affected",
              "version": "13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "14.*",
              "status": "affected",
              "version": "14.0",
              "versionType": "semver"
            },
            {
              "lessThan": "15.*",
              "status": "affected",
              "version": "15.0",
              "versionType": "semver"
            },
            {
              "lessThan": "16.*",
              "status": "affected",
              "version": "16.0",
              "versionType": "semver"
            },
            {
              "lessThan": "17.*",
              "status": "affected",
              "version": "17.0",
              "versionType": "semver"
            },
            {
              "lessThan": "18.*",
              "status": "affected",
              "version": "18.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw in Node.js\u0027s buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the `vm` module with the timeout option. Under specific timing conditions, buffers allocated with `Buffer.alloc` and other `TypedArray` instances like `Uint8Array` may contain leftover data from previous operations, allowing in-process secrets like tokens or passwords to leak or causing data corruption. While exploitation typically requires precise timing or in-process code execution, it can become remotely exploitable when untrusted input influences workload and timeouts, leading to potential confidentiality and integrity impact."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T20:41:55.591Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2025-55131",
    "datePublished": "2026-01-20T20:41:55.591Z",
    "dateReserved": "2025-08-07T15:00:05.576Z",
    "dateUpdated": "2026-02-27T15:11:22.041Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-55132 (GCVE-0-2025-55132)

Vulnerability from cvelistv5 – Published: 2026-01-20 20:41 – Updated: 2026-01-21 18:53

Summary

A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.

Severity

2.8 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-276 - Incorrect Default Permissions

Assigner

hackerone

References

1 reference

URL	Tags
https://nodejs.org/en/blog/vulnerability/december…

Impacted products

1 product

Vendor	Product	Version
nodejs	node	Affected: 20.19.6 , ≤ 20.19.6 (semver) Affected: 22.21.1 , ≤ 22.21.1 (semver) Affected: 24.12.0 , ≤ 24.12.0 (semver) Affected: 25.2.1 , ≤ 25.2.1 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-55132",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-21T18:38:44.471272Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-276",
                "description": "CWE-276 Incorrect Default Permissions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-21T18:53:03.738Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "node",
          "vendor": "nodejs",
          "versions": [
            {
              "lessThanOrEqual": "20.19.6",
              "status": "affected",
              "version": "20.19.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.21.1",
              "status": "affected",
              "version": "22.21.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "24.12.0",
              "status": "affected",
              "version": "24.12.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "25.2.1",
              "status": "affected",
              "version": "25.2.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw in Node.js\u0027s permission model allows a file\u0027s access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20,  v22,  v24, and v25."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 2.8,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T20:41:55.620Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2025-55132",
    "datePublished": "2026-01-20T20:41:55.620Z",
    "dateReserved": "2025-08-07T15:00:05.576Z",
    "dateUpdated": "2026-01-21T18:53:03.738Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59465 (GCVE-0-2025-59465)

Vulnerability from cvelistv5 – Published: 2026-01-20 20:41 – Updated: 2026-01-21 20:11

Summary

A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ```

Severity

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

hackerone

References

1 reference

URL	Tags
https://nodejs.org/en/blog/vulnerability/december…

Impacted products

1 product

Vendor	Product	Version
nodejs	node	Affected: 20.19.6 , ≤ 20.19.6 (semver) Affected: 22.21.1 , ≤ 22.21.1 (semver) Affected: 24.12.0 , ≤ 24.12.0 (semver) Affected: 25.2.1 , ≤ 25.2.1 (semver) Affected: 4.0 , < 4.* (semver) Affected: 5.0 , < 5.* (semver) Affected: 6.0 , < 6.* (semver) Affected: 7.0 , < 7.* (semver) Affected: 8.0 , < 8.* (semver) Affected: 9.0 , < 9.* (semver) Affected: 10.0 , < 10.* (semver) Affected: 11.0 , < 11.* (semver) Affected: 12.0 , < 12.* (semver) Affected: 13.0 , < 13.* (semver) Affected: 14.0 , < 14.* (semver) Affected: 15.0 , < 15.* (semver) Affected: 16.0 , < 16.* (semver) Affected: 17.0 , < 17.* (semver) Affected: 18.0 , < 18.* (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59465",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-21T20:10:32.296610Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-21T20:11:28.986Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "node",
          "vendor": "nodejs",
          "versions": [
            {
              "lessThanOrEqual": "20.19.6",
              "status": "affected",
              "version": "20.19.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "22.21.1",
              "status": "affected",
              "version": "22.21.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "24.12.0",
              "status": "affected",
              "version": "24.12.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "25.2.1",
              "status": "affected",
              "version": "25.2.1",
              "versionType": "semver"
            },
            {
              "lessThan": "4.*",
              "status": "affected",
              "version": "4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.*",
              "status": "affected",
              "version": "5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "6.*",
              "status": "affected",
              "version": "6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "7.*",
              "status": "affected",
              "version": "7.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.*",
              "status": "affected",
              "version": "8.0",
              "versionType": "semver"
            },
            {
              "lessThan": "9.*",
              "status": "affected",
              "version": "9.0",
              "versionType": "semver"
            },
            {
              "lessThan": "10.*",
              "status": "affected",
              "version": "10.0",
              "versionType": "semver"
            },
            {
              "lessThan": "11.*",
              "status": "affected",
              "version": "11.0",
              "versionType": "semver"
            },
            {
              "lessThan": "12.*",
              "status": "affected",
              "version": "12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "13.*",
              "status": "affected",
              "version": "13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "14.*",
              "status": "affected",
              "version": "14.0",
              "versionType": "semver"
            },
            {
              "lessThan": "15.*",
              "status": "affected",
              "version": "15.0",
              "versionType": "semver"
            },
            {
              "lessThan": "16.*",
              "status": "affected",
              "version": "16.0",
              "versionType": "semver"
            },
            {
              "lessThan": "17.*",
              "status": "affected",
              "version": "17.0",
              "versionType": "semver"
            },
            {
              "lessThan": "18.*",
              "status": "affected",
              "version": "18.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example:\n```\nserver.on(\u0027secureConnection\u0027, socket =\u003e {\n  socket.on(\u0027error\u0027, err =\u003e {\n    console.log(err)\n  })\n})\n```"
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T20:41:55.317Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2025-59465",
    "datePublished": "2026-01-20T20:41:55.317Z",
    "dateReserved": "2025-09-16T15:00:07.875Z",
    "dateUpdated": "2026-01-21T20:11:28.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1007

CVE-2025-14550 (GCVE-0-2025-14550)

CVE-2025-14831 (GCVE-0-2025-14831)

CVE-2025-15281 (GCVE-0-2025-15281)

CVE-2025-15366 (GCVE-0-2025-15366)

CVE-2025-15367 (GCVE-0-2025-15367)

CVE-2025-15599 (GCVE-0-2025-15599)

CVE-2025-55130 (GCVE-0-2025-55130)

CVE-2025-55131 (GCVE-0-2025-55131)

CVE-2025-55132 (GCVE-0-2025-55132)

CVE-2025-59465 (GCVE-0-2025-59465)

Tags

Sightings

Nomenclature