Advisory Database Sync

Author: advisory-database[bot]

advisories/github-reviewed/2026/01/GHSA-j382-5jj3-vw4j/GHSA-j382-5jj3-vw4j.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j382-5jj3-vw4j",
-  "modified": "2026-02-06T15:11:17Z",
+  "modified": "2026-03-05T15:30:33Z",
   "published": "2026-01-07T18:30:25Z",
   "aliases": [
     "CVE-2025-12543"
@@ -88,6 +88,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:0386"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:3890"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-12543"

advisories/unreviewed/2026/02/GHSA-55cf-6jj6-233p/GHSA-55cf-6jj6-233p.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-55cf-6jj6-233p",
-  "modified": "2026-02-09T06:30:27Z",
+  "modified": "2026-03-05T15:30:33Z",
   "published": "2026-02-09T06:30:27Z",
   "aliases": [
     "CVE-2025-66602"
   ],
   "details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThe web server accepts\naccess by IP address. When a worm that randomly searches for IP addresses\nintrudes into the network, it could potentially be attacked by the worm.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-84hr-4cwh-x64m/GHSA-84hr-4cwh-x64m.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-84hr-4cwh-x64m",
-  "modified": "2026-02-09T06:30:27Z",
+  "modified": "2026-03-05T15:30:33Z",
   "published": "2026-02-09T06:30:27Z",
   "aliases": [
     "CVE-2025-66604"
   ],
   "details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThe library version\ncould be displayed on the web page. This information could be exploited by an\nattacker for other attacks.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-g8q7-r3f2-x8cw/GHSA-g8q7-r3f2-x8cw.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g8q7-r3f2-x8cw",
-  "modified": "2026-02-09T06:30:27Z",
+  "modified": "2026-03-05T15:30:33Z",
   "published": "2026-02-09T06:30:27Z",
   "aliases": [
     "CVE-2025-66603"
   ],
   "details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThe web server accepts\nthe OPTIONS method. An attacker could potentially use this information to carry\nout other attacks.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-gx8g-pw4x-wmmv/GHSA-gx8g-pw4x-wmmv.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gx8g-pw4x-wmmv",
-  "modified": "2026-02-09T06:30:28Z",
+  "modified": "2026-03-05T15:30:33Z",
   "published": "2026-02-09T06:30:28Z",
   "aliases": [
     "CVE-2025-66606"
   ],
   "details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThis product does not\nproperly encode URLs. An attacker could tamper with web pages or execute\nmalicious scripts.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-p5q4-qc3r-2w36/GHSA-p5q4-qc3r-2w36.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p5q4-qc3r-2w36",
-  "modified": "2026-03-02T15:31:21Z",
+  "modified": "2026-03-05T15:30:34Z",
   "published": "2026-02-26T12:30:25Z",
   "aliases": [
     "CVE-2025-64999"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://checkmk.com/werk/19238"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/sbaresearch/advisories/tree/e72ce9bb6b9ffffc1fc35e4d8152ad153293c851/2025/SBA-ADV-20251118-01_Checkmk_Cross_Site_Scripting"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/02/GHSA-pc5p-g2cg-mr66/GHSA-pc5p-g2cg-mr66.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pc5p-g2cg-mr66",
-  "modified": "2026-02-09T06:30:27Z",
+  "modified": "2026-03-05T15:30:33Z",
   "published": "2026-02-09T06:30:27Z",
   "aliases": [
     "CVE-2025-66601"
   ],
   "details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThis product does not\nspecify MIME types. When an attacker performs a content sniffing attack,\nmalicious scripts could be executed.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-qg2g-5gcg-rch7/GHSA-qg2g-5gcg-rch7.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qg2g-5gcg-rch7",
-  "modified": "2026-02-09T06:30:27Z",
+  "modified": "2026-03-05T15:30:33Z",
   "published": "2026-02-09T06:30:27Z",
   "aliases": [
     "CVE-2025-66605"
   ],
   "details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nSince there are input\nfields on this webpage with the autocomplete attribute enabled, the input\ncontent could be saved in the browser the user is using.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/03/GHSA-2369-45jq-xgc9/GHSA-2369-45jq-xgc9.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2369-45jq-xgc9",
-  "modified": "2026-03-04T18:31:52Z",
+  "modified": "2026-03-05T15:30:35Z",
   "published": "2026-03-04T18:31:52Z",
   "aliases": [
     "CVE-2025-59785"
   ],
   "details": "Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption.\nThis vulnerability can only be exploited after authenticating with administrator privileges.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/03/GHSA-26rh-3xw4-3r68/GHSA-26rh-3xw4-3r68.json

@@ -46,7 +46,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-74"
+      "CWE-74",
+      "CWE-89"
     ],
     "severity": "MODERATE",
     "github_reviewed": false,