Publish Advisories

GHSA-9f3f-wv7r-qc8r
GHSA-cfh3-3jmp-rvhc
GHSA-pqqf-7hxm-rj5r

Author: advisory-database[bot]

advisories/github-reviewed/2026/02/GHSA-9f3f-wv7r-qc8r/GHSA-9f3f-wv7r-qc8r.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9f3f-wv7r-qc8r",
-  "modified": "2026-02-11T19:30:08Z",
+  "modified": "2026-02-11T23:14:59Z",
   "published": "2026-02-11T15:13:12Z",
   "aliases": [
     "CVE-2026-26014"
@@ -78,6 +78,10 @@
       "type": "WEB",
       "url": "https://github.com/pion/dtls/security/advisories/GHSA-9f3f-wv7r-qc8r"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26014"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/pion/dtls/pull/796"
@@ -89,6 +93,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/pion/dtls"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/pion/dtls/releases/tag/v3.1.0"
     }
   ],
   "database_specific": {
@@ -98,6 +106,6 @@
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2026-02-11T15:13:12Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-02-11T21:16:21Z"
   }
 }

advisories/github-reviewed/2026/02/GHSA-cfh3-3jmp-rvhc/GHSA-cfh3-3jmp-rvhc.json

@@ -1,14 +1,19 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cfh3-3jmp-rvhc",
-  "modified": "2026-02-11T14:22:50Z",
+  "modified": "2026-02-11T23:14:48Z",
   "published": "2026-02-11T14:22:50Z",
   "aliases": [
     "CVE-2026-25990"
   ],
   "summary": "Pillow affected by out-of-bounds write when loading PSD images",
   "details": "### Impact\nAn out-of-bounds write may be triggered when loading a specially crafted PSD image. Pillow >= 10.3.0 users are affected.\n\n### Patches\nPillow 12.1.1 will be released shortly with a fix for this.\n\n### Workarounds\n`Image.open()` has a `formats` parameter that can be used to prevent PSD images from being opened.\n\n### References\nPillow 12.1.1 will add release notes at https://pillow.readthedocs.io/en/stable/releasenotes/index.html",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"
+    }
+  ],
   "affected": [
     {
       "package": {
@@ -35,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python-pillow/Pillow/pull/9427"
@@ -43,6 +52,10 @@
       "type": "WEB",
       "url": "https://github.com/python-pillow/Pillow/commit/54ba4db542ad3c7b918812a4e2d69c27735a3199"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/python-pillow/Pillow"
@@ -59,6 +72,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-02-11T14:22:50Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-02-11T21:16:20Z"
   }
 }

advisories/github-reviewed/2026/02/GHSA-pqqf-7hxm-rj5r/GHSA-pqqf-7hxm-rj5r.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pqqf-7hxm-rj5r",
-  "modified": "2026-02-11T14:23:02Z",
+  "modified": "2026-02-11T23:14:53Z",
   "published": "2026-02-11T14:23:02Z",
   "aliases": [
     "CVE-2026-26010"
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-pqqf-7hxm-rj5r"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26010"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/open-metadata/OpenMetadata"
@@ -56,6 +60,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2026-02-11T14:23:02Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2026-02-11T21:16:21Z"
   }
 }