aboutcode-org
diff --git a/‎advisories/2026/04/EUVD-2026-26442.json‎
Lines changed: 15 additions & 2 deletions b/‎advisories/2026/04/EUVD-2026-26442.json‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎advisories/2026/04/EUVD-2026-26443.json‎
Lines changed: 15 additions & 2 deletions b/‎advisories/2026/04/EUVD-2026-26443.json‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎advisories/2026/04/EUVD-2026-26444.json‎
Lines changed: 15 additions & 2 deletions b/‎advisories/2026/04/EUVD-2026-26444.json‎
Lines changed: 15 additions & 2 deletions
diff --git a/‎advisories/2026/04/EUVD-2026-26445.json‎
Lines changed: 15 additions & 2 deletions b/‎advisories/2026/04/EUVD-2026-26445.json‎
Lines changed: 15 additions & 2 deletions
@@ -3,15 +3,22 @@
   "enisaUuid": "9ed9b0d7-7084-3dc7-ae12-d740bdac6ca2",
   "description": "In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing.",
   "datePublished": "Apr 30, 2026, 12:00:00 AM",
-  "dateUpdated": "Apr 30, 2026, 9:23:47 PM",
+  "dateUpdated": "May 1, 2026, 1:16:53 AM",
   "baseScore": 5.9,
   "baseScoreVersion": "3.1",
   "baseScoreVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
-  "references": "https://exim.org/static/doc/security/CVE-2025-40684.txt\nhttps://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment\nhttps://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81\n",
+  "references": "https://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment\nhttps://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81\nhttps://exim.org/static/doc/security/CVE-2026-40684.txt\n",
   "aliases": "CVE-2026-40684\n",
   "assigner": "mitre",
   "epss": 0.0,
   "enisaIdProduct": [
+    {
+      "id": "a31104c6-caf4-347a-9c92-c5abef114cb5",
+      "product": {
+        "name": "exim"
+      },
+      "product_version": "0 <4.99.2"
+    },
     {
       "id": "f44cd9c9-4fed-3af1-afbf-34a4ad9d4629",
       "product": {
@@ -21,6 +28,12 @@
     }
   ],
   "enisaIdVendor": [
+    {
+      "id": "68c77f6c-192f-3791-a382-7f09f54af0d1",
+      "vendor": {
+        "name": "exim"
+      }
+    },
     {
       "id": "73208713-742e-39af-8304-412f06b613ba",
       "vendor": {
 
@@ -3,11 +3,11 @@
   "enisaUuid": "55c7a1d0-0fb2-351e-b8d0-b33912c43e8a",
   "description": "In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \\ skipping.",
   "datePublished": "Apr 30, 2026, 12:00:00 AM",
-  "dateUpdated": "Apr 30, 2026, 9:26:36 PM",
+  "dateUpdated": "May 1, 2026, 1:18:39 AM",
   "baseScore": 6.5,
   "baseScoreVersion": "3.1",
   "baseScoreVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
-  "references": "https://exim.org/static/doc/security/CVE-2025-40685.txt\nhttps://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40685.assessment\nhttps://code.exim.org/exim/exim/commit/9fdc057e71b87c87a0d3d2288b2810a0efaaba57\n",
+  "references": "https://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40685.assessment\nhttps://code.exim.org/exim/exim/commit/9fdc057e71b87c87a0d3d2288b2810a0efaaba57\nhttps://exim.org/static/doc/security/CVE-2026-40685.txt\n",
   "aliases": "CVE-2026-40685\n",
   "assigner": "mitre",
   "epss": 0.0,
@@ -18,9 +18,22 @@
         "name": "exim"
       },
       "product_version": "0 <4.99.2"
+    },
+    {
+      "id": "5beafac9-9ba0-36b8-a4a8-fe71163e3661",
+      "product": {
+        "name": "exim"
+      },
+      "product_version": "0 <4.99.2"
     }
   ],
   "enisaIdVendor": [
+    {
+      "id": "34860130-3cd6-33a5-bd71-ed594c00f4f8",
+      "vendor": {
+        "name": "exim"
+      }
+    },
     {
       "id": "9a0d0a09-b885-3012-8a5b-d33177aff577",
       "vendor": {
 
@@ -3,15 +3,22 @@
   "enisaUuid": "e59ade01-2512-3108-88a0-5c933bfef75f",
   "description": "In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). Information might be divulged within an error message produced during handling of an unrelated e-mail message.",
   "datePublished": "Apr 30, 2026, 12:00:00 AM",
-  "dateUpdated": "Apr 30, 2026, 9:29:23 PM",
+  "dateUpdated": "May 1, 2026, 1:19:46 AM",
   "baseScore": 3.7,
   "baseScoreVersion": "3.1",
   "baseScoreVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
-  "references": "https://exim.org/static/doc/security/CVE-2025-40686.txt\nhttps://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40686.assessment\nhttps://code.exim.org/exim/exim/commit/f2570bde16fb4d4a1242ff363a4c4eecf6372efc\n",
+  "references": "https://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40686.assessment\nhttps://code.exim.org/exim/exim/commit/f2570bde16fb4d4a1242ff363a4c4eecf6372efc\nhttps://exim.org/static/doc/security/CVE-2026-40686.txt\n",
   "aliases": "CVE-2026-40686\n",
   "assigner": "mitre",
   "epss": 0.0,
   "enisaIdProduct": [
+    {
+      "id": "3fe1e752-80fd-38ca-a3bf-e40afa954055",
+      "product": {
+        "name": "exim"
+      },
+      "product_version": "0 <4.99.2"
+    },
     {
       "id": "4de180b8-1888-37f0-a85c-0f2005fa4d3d",
       "product": {
@@ -21,6 +28,12 @@
     }
   ],
   "enisaIdVendor": [
+    {
+      "id": "70929cec-6c1a-3815-a87e-79b8bd053a2c",
+      "vendor": {
+        "name": "exim"
+      }
+    },
     {
       "id": "bab83769-cb82-3cab-b79c-dc2e100f2bc8",
       "vendor": {
 
@@ -3,15 +3,22 @@
   "enisaUuid": "4c25eeef-05bc-3597-896d-ec6296c005c5",
   "description": "In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory.",
   "datePublished": "Apr 30, 2026, 12:00:00 AM",
-  "dateUpdated": "Apr 30, 2026, 9:32:54 PM",
+  "dateUpdated": "May 1, 2026, 1:20:38 AM",
   "baseScore": 4.8,
   "baseScoreVersion": "3.1",
   "baseScoreVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
-  "references": "https://exim.org/static/doc/security/CVE-2025-40687.txt\nhttps://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40687.assessment\nhttps://code.exim.org/exim/exim/commit/68b963b9f75ca27b38e1c0f8c87037990199f505\n",
+  "references": "https://www.openwall.com/lists/oss-security/2026/04/30/21\nhttps://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40687.assessment\nhttps://code.exim.org/exim/exim/commit/68b963b9f75ca27b38e1c0f8c87037990199f505\nhttps://exim.org/static/doc/security/CVE-2026-40687.txt\n",
   "aliases": "CVE-2026-40687\n",
   "assigner": "mitre",
   "epss": 0.0,
   "enisaIdProduct": [
+    {
+      "id": "5eabf4bf-1e0a-390b-b28c-ef53035519d6",
+      "product": {
+        "name": "exim"
+      },
+      "product_version": "0 <4.99.2"
+    },
     {
       "id": "74caaf7e-7969-38a9-8f1c-49034ba9bb9a",
       "product": {
@@ -26,6 +33,12 @@
       "vendor": {
         "name": "exim"
       }
+    },
+    {
+      "id": "ef0c59e5-763a-36f4-82f1-edf12914b954",
+      "vendor": {
+        "name": "exim"
+      }
     }
   ]
 }