Advisory Database Sync

Author: advisory-database[bot]

advisories/github-reviewed/2026/03/GHSA-752w-5fwx-jx9f/GHSA-752w-5fwx-jx9f.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-752w-5fwx-jx9f",
-  "modified": "2026-03-16T17:07:33Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-03-13T20:05:04Z",
   "aliases": [
     "CVE-2026-32597"
@@ -50,6 +50,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/jpadilla/pyjwt"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00008.html"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/02/GHSA-f57j-h7qc-9fq9/GHSA-f57j-h7qc-9fq9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-f57j-h7qc-9fq9",
-  "modified": "2026-02-17T15:31:35Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-02-16T18:31:28Z",
   "aliases": [
     "CVE-2025-65717"
@@ -15,6 +15,10 @@
   ],
   "affected": [],
   "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/ritwickdey/vscode-live-server/security/advisories/GHSA-9qrh-552f-x896"
+    },
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65717"

advisories/unreviewed/2026/02/GHSA-pm8w-jq9r-x5rp/GHSA-pm8w-jq9r-x5rp.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pm8w-jq9r-x5rp",
-  "modified": "2026-04-22T21:31:17Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-02-09T15:30:31Z",
   "aliases": [
     "CVE-2025-14831"
@@ -94,6 +94,10 @@
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:3477"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:13812"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/03/GHSA-2vwv-vqpv-v8vc/GHSA-2vwv-vqpv-v8vc.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2vwv-vqpv-v8vc",
-  "modified": "2026-04-30T15:30:32Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-03-30T09:31:29Z",
   "aliases": [
     "CVE-2026-5121"
@@ -87,6 +87,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:8510"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:13812"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:11768"

advisories/unreviewed/2026/03/GHSA-c75f-55f6-f63q/GHSA-c75f-55f6-f63q.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c75f-55f6-f63q",
-  "modified": "2026-04-30T15:30:31Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-03-19T15:31:21Z",
   "aliases": [
     "CVE-2026-4424"
@@ -91,6 +91,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:8492"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:13812"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:11768"

advisories/unreviewed/2026/04/GHSA-g4g9-h6f9-v5x2/GHSA-g4g9-h6f9-v5x2.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g4g9-h6f9-v5x2",
-  "modified": "2026-05-05T12:31:37Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-04-01T15:31:15Z",
   "aliases": [
     "CVE-2026-35092"
@@ -27,6 +27,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:13657"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:13673"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2026-35092"

advisories/unreviewed/2026/04/GHSA-hmg2-5h4j-37m9/GHSA-hmg2-5h4j-37m9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hmg2-5h4j-37m9",
-  "modified": "2026-05-05T12:31:37Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-04-01T15:31:15Z",
   "aliases": [
     "CVE-2026-35091"
@@ -27,6 +27,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:13657"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:13673"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2026-35091"

advisories/unreviewed/2026/05/GHSA-2q6x-pg74-2276/GHSA-2q6x-pg74-2276.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2q6x-pg74-2276",
+  "modified": "2026-05-05T18:33:24Z",
+  "published": "2026-05-05T18:33:24Z",
+  "aliases": [
+    "CVE-2026-34002"
+  ],
+  "details": "A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34002"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/security/cve/CVE-2026-34002"
+    },
+    {
+      "type": "WEB",
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451112"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-805"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-05-05T16:16:11Z"
+  }
+}

advisories/unreviewed/2026/05/GHSA-2rrx-2h24-9hm6/GHSA-2rrx-2h24-9hm6.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2rrx-2h24-9hm6",
-  "modified": "2026-05-04T18:30:29Z",
+  "modified": "2026-05-05T18:33:22Z",
   "published": "2026-05-04T18:30:29Z",
   "aliases": [
     "CVE-2026-36365"
   ],
   "details": "An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -32,8 +37,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-77"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-05-04T16:16:02Z"

advisories/unreviewed/2026/05/GHSA-386p-v9x3-gxpm/GHSA-386p-v9x3-gxpm.json

@@ -0,0 +1,33 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-386p-v9x3-gxpm",
+  "modified": "2026-05-05T18:33:24Z",
+  "published": "2026-05-05T18:33:24Z",
+  "aliases": [
+    "CVE-2025-66369"
+  ],
+  "details": "An issue was discovered in MM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect handling of 5G NR NAS registration accept messages leads to a Denial of Service.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66369"
+    },
+    {
+      "type": "WEB",
+      "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
+    },
+    {
+      "type": "WEB",
+      "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-66369"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-05-05T16:16:10Z"
+  }
+}