Sync EUVD catalog: Fri May 15 00:48:59 UTC 2026

Signed-off-by: AboutCode Automation <automation@aboutcode.org>

Author: aboutcode-automation

advisories/2026/03/EUVD-2019-20043.json

@@ -2,12 +2,12 @@
   "id": "EUVD-2019-20043",
   "enisaUuid": "bfe747e2-0a73-3abc-9446-7a52d7e7a210",
   "description": "UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept SMTP traffic and obtain credentials by exploiting the insecure SSL host verification mechanism in the SMTP certificate validation process.",
-  "datePublished": "Mar 28, 2026, 12:31:15 AM",
-  "dateUpdated": "Mar 28, 2026, 12:31:15 AM",
-  "baseScore": 7.6,
+  "datePublished": "Mar 27, 2026, 9:19:26 PM",
+  "dateUpdated": "May 14, 2026, 2:06:36 AM",
+  "baseScore": 7.7,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
-  "references": "https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391\nhttps://www.vulncheck.com/advisories/unifi-network-controller-improper-certificate-validation-leading-to-credential-theft-via-mitm\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-25652\n",
+  "references": "https://community.ui.com/releases/Security-Advisory-Bulletin-003-003/982bbaa8-2a07-4f81-a5f6-0bb84753f391\nhttps://www.vulncheck.com/advisories/unifi-network-controller-improper-certificate-validation-leading-to-credential-theft-via-mitm\n",
   "aliases": "CVE-2019-25652\n",
   "assigner": "VulnCheck",
   "epss": 0.01,

advisories/2026/03/EUVD-2024-55504.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2024-55504",
   "enisaUuid": "9ef2ec76-18f1-3b73-b08d-30a3a1ad1bfc",
   "description": "OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'search' parameter. Attackers can send GET requests to the product search endpoint with malicious 'search' values to extract sensitive database information using boolean-based blind or time-based blind SQL injection techniques.",
-  "datePublished": "Mar 25, 2026, 6:31:46 PM",
-  "dateUpdated": "Mar 25, 2026, 6:31:46 PM",
+  "datePublished": "Mar 25, 2026, 4:04:35 PM",
+  "dateUpdated": "May 14, 2026, 2:07:15 AM",
   "baseScore": 8.8,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
-  "references": "https://www.exploit-db.com/exploits/51940\nhttps://www.opencart.com/\nhttps://github.com/opencart/opencart/releases\nhttps://www.vulncheck.com/advisories/opencart-core-sql-injection-via-search-parameter\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-58341\n",
+  "references": "https://www.exploit-db.com/exploits/51940\nhttps://www.opencart.com/\nhttps://github.com/opencart/opencart/releases\nhttps://www.vulncheck.com/advisories/opencart-core-sql-injection-via-search-parameter\n",
   "aliases": "CVE-2024-58341\nGHSA-rchp-2wh9-pwpw\n",
   "assigner": "VulnCheck",
-  "epss": 0.07,
+  "epss": 0.12,
   "enisaIdProduct": [
     {
       "id": "9e21a27e-ff80-3977-a1e9-c8390a7f2926",

advisories/2026/03/EUVD-2025-208871.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2025-208871",
   "enisaUuid": "daf94be6-1d44-3162-85d0-92bc9dad75c5",
   "description": "BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain an authentication bypass vulnerability due to improper enforcement of security filters on restricted REST API endpoints and servlets. Unauthenticated remote attackers can bypass access controls to invoke restricted functionality and gain unauthorized access to application data and modify system resources.\u00a0The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.",
-  "datePublished": "Mar 19, 2026, 3:31:21 PM",
-  "dateUpdated": "Mar 19, 2026, 3:31:21 PM",
+  "datePublished": "Mar 19, 2026, 1:43:37 PM",
+  "dateUpdated": "May 14, 2026, 2:08:58 AM",
   "baseScore": 6.9,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
-  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-authentication-bypass\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71257\n",
-  "aliases": "CVE-2025-71257\n",
+  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-authentication-bypass\n",
+  "aliases": "GHSA-5pjp-c363-m6g8\nCVE-2025-71257\n",
   "assigner": "VulnCheck",
-  "epss": 3.44,
+  "epss": 15.57,
   "enisaIdProduct": [
     {
       "id": "3ee7bb52-8a54-3679-baae-0a724072e194",

advisories/2026/03/EUVD-2025-208873.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2025-208873",
   "enisaUuid": "c943cf3d-817b-321b-9ca1-f9619f4ad8e0",
   "description": "BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to perform internal network scanning or interact with internal services, impacting system availability.\u00a0The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.",
-  "datePublished": "Mar 19, 2026, 3:31:21 PM",
-  "dateUpdated": "Mar 19, 2026, 3:31:21 PM",
+  "datePublished": "Mar 19, 2026, 1:44:09 PM",
+  "dateUpdated": "May 14, 2026, 2:08:59 AM",
   "baseScore": 5.3,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
-  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-blind-ssrf-in-searchweb\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71258\n",
+  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-blind-ssrf-in-searchweb\n",
   "aliases": "CVE-2025-71258\n",
   "assigner": "VulnCheck",
-  "epss": 2.45,
+  "epss": 1.8,
   "enisaIdProduct": [
     {
       "id": "c9930c82-7893-3289-93f9-0c7f768c8662",

advisories/2026/03/EUVD-2025-208875.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2025-208875",
   "enisaUuid": "a8a1373c-106d-3579-8b6f-8258f5d9e6a9",
   "description": "BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the externalfeed/RSS API component that allows authenticated attackers to trigger arbitrary outbound requests from the server. Attackers can exploit insufficient validation of externally supplied resource references to interact with internal services or cause resource exhaustion impacting availability.\u00a0The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.",
-  "datePublished": "Mar 19, 2026, 3:31:21 PM",
-  "dateUpdated": "Mar 19, 2026, 3:31:21 PM",
+  "datePublished": "Mar 19, 2026, 1:44:38 PM",
+  "dateUpdated": "May 14, 2026, 2:09:00 AM",
   "baseScore": 5.3,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
-  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-blind-ssrf-in-externalfeed-rss\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71259\n",
-  "aliases": "CVE-2025-71259\n",
+  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-blind-ssrf-in-externalfeed-rss\n",
+  "aliases": "CVE-2025-71259\nGHSA-787q-47vg-6mqr\n",
   "assigner": "VulnCheck",
-  "epss": 2.09,
+  "epss": 2.59,
   "enisaIdProduct": [
     {
       "id": "7480e90d-583d-336b-875d-2bb6425fedd9",

advisories/2026/03/EUVD-2025-208877.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2025-208877",
   "enisaUuid": "4f232acb-f313-35c8-bf38-eb8ed9ffe9b8",
   "description": "BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a deserialization of untrusted data vulnerability in the ASP.NET servlet's VIEWSTATE handling that allows authenticated attackers to execute arbitrary code. Attackers can supply crafted serialized objects to the VIEWSTATE parameter to achieve remote code execution and fully compromise the application.\u00a0The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.",
-  "datePublished": "Mar 19, 2026, 3:31:21 PM",
-  "dateUpdated": "Mar 19, 2026, 3:31:21 PM",
+  "datePublished": "Mar 19, 2026, 1:45:05 PM",
+  "dateUpdated": "May 14, 2026, 2:09:01 AM",
   "baseScore": 8.7,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
-  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-viewstate-deserialization-rce\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71260\n",
+  "references": "https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/\nhttps://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/\nhttps://www.vulncheck.com/advisories/bmc-footprints-itsm-viewstate-deserialization-rce\n",
   "aliases": "GHSA-x6vr-xp32-5v9x\nCVE-2025-71260\n",
   "assigner": "VulnCheck",
-  "epss": 9.15,
+  "epss": 34.63,
   "enisaIdProduct": [
     {
       "id": "825385f0-df26-33b5-ab13-ef8acba43c54",

advisories/2026/03/EUVD-2025-209102.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2025-209102",
   "enisaUuid": "9a70e8a4-f11f-36a1-8d6f-0e6b73b8bc3f",
   "description": "Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable.",
-  "datePublished": "Mar 27, 2026, 6:31:27 PM",
-  "dateUpdated": "Mar 27, 2026, 6:31:27 PM",
+  "datePublished": "Mar 27, 2026, 4:23:03 PM",
+  "dateUpdated": "May 14, 2026, 2:07:19 AM",
   "baseScore": 6.9,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
-  "references": "https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp\nhttps://www.vulncheck.com/advisories/ssl-tls-renegotiation-dos-in-wazuh-manager-authd-service\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-15615\n",
+  "references": "https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp\nhttps://www.vulncheck.com/advisories/ssl-tls-renegotiation-dos-in-wazuh-manager-authd-service\n",
   "aliases": "GHSA-36r3-mw6j-7ffc\nCVE-2025-15615\n",
   "assigner": "VulnCheck",
-  "epss": 0.11,
+  "epss": 0.07,
   "enisaIdProduct": [
     {
       "id": "ac01d855-a25c-35bf-84a0-42556965027c",

advisories/2026/03/EUVD-2025-209107.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2025-209107",
   "enisaUuid": "6771a8aa-6cb6-370f-a811-20523540ef29",
   "description": "Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies or code during the build process, leading to remote code execution and supply chain compromise.",
-  "datePublished": "Mar 27, 2026, 9:31:35 PM",
-  "dateUpdated": "Mar 27, 2026, 9:31:35 PM",
+  "datePublished": "Mar 27, 2026, 6:16:11 PM",
+  "dateUpdated": "May 14, 2026, 2:07:18 AM",
   "baseScore": 6.3,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
-  "references": "https://github.com/wazuh/wazuh/security/advisories/GHSA-wvg9-7q49-c7mg\nhttps://www.vulncheck.com/advisories/various-uses-of-curl-without-verifying-the-authenticity-of-the-ssl-certificate-leading-to-mitm-rce-in-build-infrastructure\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-15612\n",
+  "references": "https://github.com/wazuh/wazuh/security/advisories/GHSA-wvg9-7q49-c7mg\nhttps://www.vulncheck.com/advisories/various-uses-of-curl-without-verifying-the-authenticity-of-the-ssl-certificate-leading-to-mitm-rce-in-build-infrastructure\n",
   "aliases": "CVE-2025-15612\nGHSA-wp7g-9j3h-9mcg\n",
   "assigner": "VulnCheck",
-  "epss": 0.04,
+  "epss": 0.07,
   "enisaIdProduct": [
     {
       "id": "958e397a-fd4c-325d-92da-a19249b5a182",

advisories/2026/03/EUVD-2026-10361.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2026-10361",
   "enisaUuid": "343c0121-002f-3664-a101-c8b762a9839d",
   "description": "Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server\u2019s filesystem. The issue occurs in the download_private_file functionality when the application is configured to use the CamaleonCmsAwsUploader backend. Unlike the local uploader implementation, the AWS uploader does not validate file paths with valid_folder_path?, allowing directory traversal sequences to be supplied via the file parameter. As a result, any authenticated user, including low-privileged registered users, can access sensitive files such as /etc/passwd. This issue represents a bypass of the incomplete fix for CVE-2024-46987 and affects deployments using the AWS S3 storage backend.",
-  "datePublished": "Mar 10, 2026, 9:31:46 AM",
-  "dateUpdated": "Mar 10, 2026, 9:31:46 AM",
+  "datePublished": "Mar 9, 2026, 9:08:06 PM",
+  "dateUpdated": "May 14, 2026, 2:09:04 AM",
   "baseScore": 6.0,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
-  "references": "https://github.com/owen2345/camaleon-cms/pull/1127\nhttps://github.com/owen2345/camaleon-cms/commit/f54a77e2a7be601215ea1b396038c589a0cab9af\nhttps://camaleon.website/\nhttps://www.vulncheck.com/advisories/camaleon-cms-aws-uploader-authenticated-path-traversal-arbitrary-file-read\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-1776\n",
+  "references": "https://github.com/owen2345/camaleon-cms/pull/1127\nhttps://github.com/owen2345/camaleon-cms/commit/f54a77e2a7be601215ea1b396038c589a0cab9af\nhttps://camaleon.website/\nhttps://www.vulncheck.com/advisories/camaleon-cms-aws-uploader-authenticated-path-traversal-arbitrary-file-read\n",
   "aliases": "CVE-2026-1776\nGHSA-jw5g-f64p-6x78\n",
   "assigner": "VulnCheck",
-  "epss": 0.08,
+  "epss": 0.07,
   "enisaIdProduct": [
     {
       "id": "379ca44b-d72e-3a31-8416-ebe285c6f2b6",

advisories/2026/03/EUVD-2026-12580.json

@@ -2,15 +2,15 @@
   "id": "EUVD-2026-12580",
   "enisaUuid": "88a2ad9e-2d92-36bf-beed-fad112bc4c95",
   "description": "Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an 'sh -c' invocation running as root. An authenticated attacker who can log in to the device can inject shell metacharacters after the 'ps' subcommand to execute arbitrary OS commands with root privileges, leading to full compromise of the underlying operating system.",
-  "datePublished": "Mar 17, 2026, 6:30:32 PM",
-  "dateUpdated": "Mar 17, 2026, 6:30:32 PM",
+  "datePublished": "Mar 17, 2026, 3:20:10 PM",
+  "dateUpdated": "May 14, 2026, 2:09:25 AM",
   "baseScore": 8.6,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
-  "references": "https://www.perle.com/downloads/server_sds_sts_rackmount.shtml\nhttps://www.perle.com/support_services/documentation_pdfs/iolan_scs-sds-sts_ug.pdf\nhttps://www.vulncheck.com/advisories/perle-iolan-sts-scs-authenticated-command-injection-via-shell-ps\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23759\n",
+  "references": "https://www.perle.com/downloads/server_sds_sts_rackmount.shtml\nhttps://www.perle.com/support_services/documentation_pdfs/iolan_scs-sds-sts_ug.pdf\nhttps://www.vulncheck.com/advisories/perle-iolan-sts-scs-authenticated-command-injection-via-shell-ps\n",
   "aliases": "CVE-2026-23759\n",
   "assigner": "VulnCheck",
-  "epss": 0.2,
+  "epss": 0.17,
   "enisaIdProduct": [
     {
       "id": "2c26a7a5-2cc5-3672-9b1c-c2e876306b72",