Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2024/01/GHSA-cx8g-4cf5-cjv3/GHSA-cx8g-4cf5-cjv3.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cx8g-4cf5-cjv3",
-  "modified": "2025-12-10T21:31:29Z",
+  "modified": "2026-02-27T18:31:00Z",
   "published": "2024-01-25T21:32:14Z",
   "aliases": [
     "CVE-2023-52356"
@@ -75,6 +75,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2023-52356"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3462"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3461"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:23080"

advisories/unreviewed/2024/01/GHSA-fh6j-mgh8-7prh/GHSA-fh6j-mgh8-7prh.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fh6j-mgh8-7prh",
-  "modified": "2025-12-10T21:31:28Z",
+  "modified": "2026-02-27T18:30:59Z",
   "published": "2024-01-25T21:32:14Z",
   "aliases": [
     "CVE-2023-52355"
@@ -39,6 +39,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:23080"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3461"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3462"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2023-52355"

advisories/unreviewed/2025/06/GHSA-98qw-prqm-9f4p/GHSA-98qw-prqm-9f4p.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-98qw-prqm-9f4p",
-  "modified": "2026-02-05T21:32:35Z",
+  "modified": "2026-02-27T18:31:00Z",
   "published": "2025-06-26T21:31:08Z",
   "aliases": [
     "CVE-2025-5318"
@@ -31,6 +31,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-5318"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3462"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3461"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:1541"

advisories/unreviewed/2025/09/GHSA-qc8j-wvjf-7jfj/GHSA-qc8j-wvjf-7jfj.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qc8j-wvjf-7jfj",
-  "modified": "2026-01-06T09:30:29Z",
+  "modified": "2026-02-27T18:31:00Z",
   "published": "2025-09-23T18:30:24Z",
   "aliases": [
     "CVE-2025-9900"
@@ -19,10 +19,6 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
     },
-    {
-      "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:21507"
-    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:21508"
@@ -59,6 +55,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:0078"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3461"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3462"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-9900"
@@ -159,6 +163,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:21506"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:21507"
+    },
     {
       "type": "WEB",
       "url": "http://www.openwall.com/lists/oss-security/2025/09/26/3"

advisories/unreviewed/2025/10/GHSA-cpvj-qfc6-rjvx/GHSA-cpvj-qfc6-rjvx.json

@@ -30,7 +30,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-200"
+      "CWE-200",
+      "CWE-24"
     ],
     "severity": "MODERATE",
     "github_reviewed": false,

advisories/unreviewed/2026/01/GHSA-ch3c-9j43-xxgw/GHSA-ch3c-9j43-xxgw.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-ch3c-9j43-xxgw",
-  "modified": "2026-02-03T18:30:31Z",
+  "modified": "2026-02-27T18:31:00Z",
   "published": "2026-01-29T21:30:31Z",
   "aliases": [
     "CVE-2025-69929"
@@ -23,6 +23,10 @@
       "type": "WEB",
       "url": "https://gist.github.com/JoseAbreu28/67f5d8bfc7ba1def526efeda5771a244"
     },
+    {
+      "type": "WEB",
+      "url": "https://n3uron.com/addressing-cve-2025-69929-in-n3uron-web-user-interface"
+    },
     {
       "type": "WEB",
       "url": "https://www.linkedin.com/in/joselabreu"

advisories/unreviewed/2026/02/GHSA-22p3-cw83-672h/GHSA-22p3-cw83-672h.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-22p3-cw83-672h",
+  "modified": "2026-02-27T18:31:06Z",
+  "published": "2026-02-27T18:31:06Z",
+  "aliases": [
+    "CVE-2019-25494"
+  ],
+  "details": "Homey BNB V4 contains an SQL injection vulnerability in the administration panel login that allows unauthenticated attackers to bypass authentication by injecting SQL syntax into username and password fields. Attackers can submit SQL operators like '=' 'or' in both credentials to manipulate the authentication query and gain unauthorized access to the admin panel.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25494"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.doditsolutions.com/airbnb-clone-script"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46616"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/homey-bnb-sql-injection-authentication-bypass-via-admin-panel"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-27T18:16:05Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-28ww-g7m4-w94r/GHSA-28ww-g7m4-w94r.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-28ww-g7m4-w94r",
-  "modified": "2026-02-20T18:31:33Z",
+  "modified": "2026-02-27T18:31:00Z",
   "published": "2026-02-20T18:31:33Z",
   "aliases": [
     "CVE-2025-60183"
   ],
   "details": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silence Silencesoft RSS Reader external-rss-reader allows Stored XSS.This issue affects Silencesoft RSS Reader: from n/a through <= 0.6.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -23,7 +28,7 @@
     "cwe_ids": [
       "CWE-79"
     ],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-02-20T16:22:02Z"

advisories/unreviewed/2026/02/GHSA-2f8f-8j4g-347v/GHSA-2f8f-8j4g-347v.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2f8f-8j4g-347v",
-  "modified": "2026-02-19T18:31:52Z",
+  "modified": "2026-02-27T18:31:00Z",
   "published": "2026-02-19T18:31:52Z",
   "aliases": [
     "CVE-2026-25305"
   ],
   "details": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through <= 9.6.4.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -23,7 +28,7 @@
     "cwe_ids": [
       "CWE-79"
     ],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-02-19T09:16:14Z"

advisories/unreviewed/2026/02/GHSA-34c9-25wc-q378/GHSA-34c9-25wc-q378.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-34c9-25wc-q378",
+  "modified": "2026-02-27T18:31:05Z",
+  "published": "2026-02-27T18:31:05Z",
+  "aliases": [
+    "CVE-2026-2750"
+  ],
+  "details": "Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2750"
+    },
+    {
+      "type": "WEB",
+      "url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2026-2750-centreon-web-critical-severity-5503"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-20"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-27T16:16:25Z"
+  }
+}