Publish Advisories

GHSA-5cv5-vm4q-7wmx
GHSA-rqcw-jqg3-qhwc

Author: advisory-database[bot]

advisories/unreviewed/2026/05/GHSA-5cv5-vm4q-7wmx/GHSA-5cv5-vm4q-7wmx.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5cv5-vm4q-7wmx",
+  "modified": "2026-05-17T00:31:38Z",
+  "published": "2026-05-17T00:31:38Z",
+  "aliases": [
+    "CVE-2026-46728"
+  ],
+  "details": "Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/barebox/barebox/security/advisories/GHSA-3fvj-q26p-j6h4"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46728"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/u-boot/u-boot/commit/2092322b31cc8b1f8c9e2e238d1043ae0637b241"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-346"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-05-16T22:16:13Z"
+  }
+}

advisories/unreviewed/2026/05/GHSA-rqcw-jqg3-qhwc/GHSA-rqcw-jqg3-qhwc.json

@@ -0,0 +1,25 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-rqcw-jqg3-qhwc",
+  "modified": "2026-05-17T00:31:39Z",
+  "published": "2026-05-17T00:31:39Z",
+  "aliases": [
+    "CVE-2026-6050"
+  ],
+  "details": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6050"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-05-16T23:16:50Z"
+  }
+}