Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 4690158c7cc1 · 2026-06-16T00:36:31.000Z
GHSA-59rx-q76w-hqrw GHSA-c866-5hw6-cqf9 GHSA-hwwh-4hhw-h9jf GHSA-jg8v-92xc-cx65 GHSA-m6w2-p258-gxqp GHSA-7f48-x95j-2r8c GHSA-88g7-87jg-w4q9 GHSA-98v4-mv97-2f2x GHSA-g3g7-r6qj-455p GHSA-g736-3qxc-3xmm GHSA-h3g4-wmrw-rm63 GHSA-hpfm-h576-jwmh GHSA-jrh2-f5jc-xpgr GHSA-q354-79q7-wx65 GHSA-q5cv-5vf6-95gp GHSA-v5vr-c46f-3vhm
diff --git a/advisories/unreviewed/2026/05/GHSA-59rx-q76w-hqrw/GHSA-59rx-q76w-hqrw.json b/advisories/unreviewed/2026/05/GHSA-59rx-q76w-hqrw/GHSA-59rx-q76w-hqrw.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-59rx-q76w-hqrw",
-  "modified": "2026-06-10T18:31:39Z",
+  "modified": "2026-06-16T00:34:23Z",
   "published": "2026-05-27T12:31:22Z",
   "aliases": [
     "CVE-2026-3012"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:25049"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:25979"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2026-3012"
diff --git a/advisories/unreviewed/2026/05/GHSA-c866-5hw6-cqf9/GHSA-c866-5hw6-cqf9.json b/advisories/unreviewed/2026/05/GHSA-c866-5hw6-cqf9/GHSA-c866-5hw6-cqf9.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c866-5hw6-cqf9",
-  "modified": "2026-06-10T18:31:39Z",
+  "modified": "2026-06-16T00:34:23Z",
   "published": "2026-05-27T15:33:10Z",
   "aliases": [
     "CVE-2026-1933"
@@ -27,6 +27,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:25049"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:25979"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2026-1933"
diff --git a/advisories/unreviewed/2026/05/GHSA-hwwh-4hhw-h9jf/GHSA-hwwh-4hhw-h9jf.json b/advisories/unreviewed/2026/05/GHSA-hwwh-4hhw-h9jf/GHSA-hwwh-4hhw-h9jf.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hwwh-4hhw-h9jf",
-  "modified": "2026-06-10T18:31:39Z",
+  "modified": "2026-06-16T00:34:23Z",
   "published": "2026-05-26T15:32:11Z",
   "aliases": [
     "CVE-2026-4480"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:25049"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:25979"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2026-4480"
diff --git a/advisories/unreviewed/2026/05/GHSA-jg8v-92xc-cx65/GHSA-jg8v-92xc-cx65.json b/advisories/unreviewed/2026/05/GHSA-jg8v-92xc-cx65/GHSA-jg8v-92xc-cx65.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jg8v-92xc-cx65",
-  "modified": "2026-06-10T18:31:39Z",
+  "modified": "2026-06-16T00:34:24Z",
   "published": "2026-05-28T09:31:19Z",
   "aliases": [
     "CVE-2026-4408"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:25049"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:25979"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2026-4408"
diff --git a/advisories/unreviewed/2026/05/GHSA-m6w2-p258-gxqp/GHSA-m6w2-p258-gxqp.json b/advisories/unreviewed/2026/05/GHSA-m6w2-p258-gxqp/GHSA-m6w2-p258-gxqp.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-m6w2-p258-gxqp",
-  "modified": "2026-06-10T18:31:39Z",
+  "modified": "2026-06-16T00:34:24Z",
   "published": "2026-05-27T15:33:11Z",
   "aliases": [
     "CVE-2026-2340"
@@ -27,6 +27,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:25049"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:25979"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2026-2340"
diff --git a/advisories/unreviewed/2026/06/GHSA-7f48-x95j-2r8c/GHSA-7f48-x95j-2r8c.json b/advisories/unreviewed/2026/06/GHSA-7f48-x95j-2r8c/GHSA-7f48-x95j-2r8c.json
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7f48-x95j-2r8c",
+  "modified": "2026-06-16T00:34:25Z",
+  "published": "2026-06-16T00:34:25Z",
+  "aliases": [
+    "CVE-2026-9261"
+  ],
+  "details": "Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9261"
+    },
+    {
+      "type": "WEB",
+      "url": "https://canon.jp/support/support-info/260615vulnerability-response"
+    },
+    {
+      "type": "WEB",
+      "url": "https://psirt.canon/advisory-information/cp2026-005"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.canon-europe.com/support/product-security"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-327"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-06-16T00:16:35Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/06/GHSA-88g7-87jg-w4q9/GHSA-88g7-87jg-w4q9.json b/advisories/unreviewed/2026/06/GHSA-88g7-87jg-w4q9/GHSA-88g7-87jg-w4q9.json
@@ -0,0 +1,39 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-88g7-87jg-w4q9",
+  "modified": "2026-06-16T00:34:24Z",
+  "published": "2026-06-16T00:34:24Z",
+  "aliases": [
+    "CVE-2026-12205"
+  ],
+  "details": "Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery.\n\nCrypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it.\n\nThe first sign() on a Key object picks a nonce, and every later sign() on that same object reuses it, producing an identical \"r\".\n\nKeys used to sign more than once with an affected version should be considered compromised.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12205"
+    },
+    {
+      "type": "WEB",
+      "url": "https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/source/lib/Crypt/DSA.pm#L47"
+    },
+    {
+      "type": "WEB",
+      "url": "https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.21/changes"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.openwall.com/lists/oss-security/2026/06/15/4"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-323"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-06-15T23:16:43Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/06/GHSA-98v4-mv97-2f2x/GHSA-98v4-mv97-2f2x.json b/advisories/unreviewed/2026/06/GHSA-98v4-mv97-2f2x/GHSA-98v4-mv97-2f2x.json
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-98v4-mv97-2f2x",
+  "modified": "2026-06-16T00:34:24Z",
+  "published": "2026-06-16T00:34:24Z",
+  "aliases": [
+    "CVE-2026-9258"
+  ],
+  "details": "Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9258"
+    },
+    {
+      "type": "WEB",
+      "url": "https://canon.jp/support/support-info/260615vulnerability-response"
+    },
+    {
+      "type": "WEB",
+      "url": "https://psirt.canon/advisory-information/cp2026-005"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.canon-europe.com/support/product-security"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-295"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-06-16T00:16:35Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/06/GHSA-g3g7-r6qj-455p/GHSA-g3g7-r6qj-455p.json b/advisories/unreviewed/2026/06/GHSA-g3g7-r6qj-455p/GHSA-g3g7-r6qj-455p.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g3g7-r6qj-455p",
-  "modified": "2026-06-11T21:31:56Z",
+  "modified": "2026-06-16T00:34:24Z",
   "published": "2026-06-11T21:31:56Z",
   "aliases": [
     "CVE-2026-48547"
@@ -23,6 +23,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48547"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/lingdojo/kana-dojo/commit/31b85a5d7c4b323ddeba3b2dc5e7807558710544"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/lingdojo/kana-dojo/releases/tag/v0.1.18"
diff --git a/advisories/unreviewed/2026/06/GHSA-g736-3qxc-3xmm/GHSA-g736-3qxc-3xmm.json b/advisories/unreviewed/2026/06/GHSA-g736-3qxc-3xmm/GHSA-g736-3qxc-3xmm.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-g736-3qxc-3xmm",
+  "modified": "2026-06-16T00:34:24Z",
+  "published": "2026-06-16T00:34:24Z",
+  "aliases": [
+    "CVE-2026-5064"
+  ],
+  "details": "Potential security vulnerabilities have been identified in the HP One \nAgent for certain HP PC products, which might allow\n               for escalation of privilege and/or denial of service. HP \nis releasing software updates to mitigate these potential \nvulnerabilities.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5064"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.hp.com/us-en/document/ish_15146555-15146580-16/hpsbhf04060"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-427"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-06-15T22:16:18Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/06/GHSA-h3g4-wmrw-rm63/GHSA-h3g4-wmrw-rm63.json b/advisories/unreviewed/2026/06/GHSA-h3g4-wmrw-rm63/GHSA-h3g4-wmrw-rm63.json
@@ -0,0 +1,43 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-h3g4-wmrw-rm63",
+  "modified": "2026-06-16T00:34:24Z",
+  "published": "2026-06-16T00:34:24Z",
+  "aliases": [
+    "CVE-2026-11832"
+  ],
+  "details": "Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce.\n\nThe default nonce was generated using an MD5 hash of the epoch time, which is predictable.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11832"
+    },
+    {
+      "type": "WEB",
+      "url": "https://datatracker.ietf.org/doc/html/rfc5849#section-3.3"
+    },
+    {
+      "type": "WEB",
+      "url": "https://datatracker.ietf.org/doc/html/rfc5849#section-4.9"
+    },
+    {
+      "type": "WEB",
+      "url": "https://metacpan.org/release/BIAFRA/Dancer2-Plugin-Auth-OAuth-0.22/changes"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22376"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-338"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-06-15T22:16:15Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/06/GHSA-hpfm-h576-jwmh/GHSA-hpfm-h576-jwmh.json b/advisories/unreviewed/2026/06/GHSA-hpfm-h576-jwmh/GHSA-hpfm-h576-jwmh.json
diff --git a/advisories/unreviewed/2026/06/GHSA-jrh2-f5jc-xpgr/GHSA-jrh2-f5jc-xpgr.json b/advisories/unreviewed/2026/06/GHSA-jrh2-f5jc-xpgr/GHSA-jrh2-f5jc-xpgr.json
diff --git a/advisories/unreviewed/2026/06/GHSA-q354-79q7-wx65/GHSA-q354-79q7-wx65.json b/advisories/unreviewed/2026/06/GHSA-q354-79q7-wx65/GHSA-q354-79q7-wx65.json
diff --git a/advisories/unreviewed/2026/06/GHSA-q5cv-5vf6-95gp/GHSA-q5cv-5vf6-95gp.json b/advisories/unreviewed/2026/06/GHSA-q5cv-5vf6-95gp/GHSA-q5cv-5vf6-95gp.json
diff --git a/advisories/unreviewed/2026/06/GHSA-v5vr-c46f-3vhm/GHSA-v5vr-c46f-3vhm.json b/advisories/unreviewed/2026/06/GHSA-v5vr-c46f-3vhm/GHSA-v5vr-c46f-3vhm.json
