Publish Advisories

GHSA-822c-h5gx-7pw7
GHSA-88gg-5jpf-jc8f
GHSA-95x5-2fg3-wr5q
GHSA-h385-cwmv-vj9f
GHSA-m26w-8h7j-ggp7
GHSA-p4c6-vgj5-cp35
GHSA-rh27-rh4c-2g53
GHSA-x677-27jv-v4hg
GHSA-x78v-9635-m8h6

Author: advisory-database[bot]

advisories/unreviewed/2026/02/GHSA-822c-h5gx-7pw7/GHSA-822c-h5gx-7pw7.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-822c-h5gx-7pw7",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2026-2540"
+  ],
+  "details": "The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previously used (stale) rolling codes and execute a command. Successful exploitation allows an attacker to clone the alarm key. This grants the attacker unauthorized access to the vehicle to unlock or lock the doors.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:M/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2540"
+    },
+    {
+      "type": "WEB",
+      "url": "https://asrg.io/security-advisories/cve-2026-2540"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-288"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:55Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-88gg-5jpf-jc8f/GHSA-88gg-5jpf-jc8f.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-88gg-5jpf-jc8f",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2026-2539"
+  ],
+  "details": "The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool (e.g., SDR) can capture the random number and counters transmitted in cleartext, which is sensitive information required for authentication.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:D/RE:H/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2539"
+    },
+    {
+      "type": "WEB",
+      "url": "https://asrg.io/security-advisories/cve-2026-2539-micca-ke700-cleartext-transmission-of-key-fob-id"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-319"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:54Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-95x5-2fg3-wr5q/GHSA-95x5-2fg3-wr5q.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-95x5-2fg3-wr5q",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2025-32059"
+  ],
+  "details": "The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on the established upper layer L2CAP channel. An attacker can leverage this vulnerability to obtain remote code execution on the Infotainment ECU with root privileges.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32059"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-121"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:53Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-h385-cwmv-vj9f/GHSA-h385-cwmv-vj9f.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-h385-cwmv-vj9f",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2026-2541"
+  ],
+  "details": "The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation simplify an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:H/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2541"
+    },
+    {
+      "type": "WEB",
+      "url": "https://asrg.io/security-advisories/cve-2026-2541"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-331"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:55Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-m26w-8h7j-ggp7/GHSA-m26w-8h7j-ggp7.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-m26w-8h7j-ggp7",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2025-32061"
+  ],
+  "details": "The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on the established upper layer L2CAP channel. An attacker can leverage this vulnerability to obtain remote code execution on the Infotainment ECU with root privileges.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32061"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-121"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:54Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-p4c6-vgj5-cp35/GHSA-p4c6-vgj5-cp35.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-p4c6-vgj5-cp35",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2025-32063"
+  ],
+  "details": "There is a misconfiguration vulnerability inside the Infotainment ECU manufactured by BOSCH. The vulnerability happens during the startup phase of a specific systemd service, and as a result, the following developer features will be activated: the disabled firewall and the launched SSH server.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32063"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-306"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:54Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-rh27-rh4c-2g53/GHSA-rh27-rh4c-2g53.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-rh27-rh4c-2g53",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2025-32062"
+  ],
+  "details": "The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on the established upper layer L2CAP channel. An attacker can leverage this vulnerability to obtain remote code execution on the Infotainment ECU with root privileges.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32062"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-121"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:54Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-x677-27jv-v4hg/GHSA-x677-27jv-v4hg.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-x677-27jv-v4hg",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2025-32058"
+  ],
+  "details": "The Infotainment ECU manufactured by Bosch uses a RH850 module for CAN communication. RH850 is connected to infotainment over the INC interface through a custom protocol. There is a vulnerability during processing requests of this protocol on the V850 side which allows an attacker with code execution on the infotainment main SoC to perform code execution on the RH850 module and subsequently send arbitrary CAN messages over the connected CAN bus.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32058"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-121"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:52Z"
+  }
+}

advisories/unreviewed/2026/02/GHSA-x78v-9635-m8h6/GHSA-x78v-9635-m8h6.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-x78v-9635-m8h6",
+  "modified": "2026-02-15T12:30:25Z",
+  "published": "2026-02-15T12:30:25Z",
+  "aliases": [
+    "CVE-2025-32060"
+  ],
+  "details": "The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a flaw can lead to taking control over the entire system.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32060"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-347"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-15T11:15:54Z"
+  }
+}