Sync EUVD catalog: Tue Apr 21 00:41:23 UTC 2026

Signed-off-by: AboutCode Automation <automation@aboutcode.org>

Author: aboutcode-automation

advisories/2026/03/EUVD-2026-12031.json

@@ -3,15 +3,43 @@
   "enisaUuid": "64d14084-b162-3fd0-947c-ec89acd03204",
   "description": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.",
   "datePublished": "Mar 13, 2026, 9:31:51 PM",
-  "dateUpdated": "Mar 13, 2026, 9:31:51 PM",
+  "dateUpdated": "Apr 20, 2026, 6:31:26 AM",
   "baseScore": 7.5,
   "baseScoreVersion": "3.1",
   "baseScoreVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
-  "references": "https://access.redhat.com/security/cve/CVE-2026-4111\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2446453\nhttps://github.com/libarchive/libarchive/pull/2877\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-4111\n",
+  "references": "https://access.redhat.com/errata/RHSA-2026:5063\nhttps://access.redhat.com/errata/RHSA-2026:5080\nhttps://access.redhat.com/errata/RHSA-2026:6647\nhttps://access.redhat.com/errata/RHSA-2026:7093\nhttps://access.redhat.com/errata/RHSA-2026:7105\nhttps://access.redhat.com/errata/RHSA-2026:7106\nhttps://access.redhat.com/errata/RHSA-2026:7239\nhttps://access.redhat.com/errata/RHSA-2026:7329\nhttps://access.redhat.com/errata/RHSA-2026:7335\nhttps://access.redhat.com/errata/RHSA-2026:8746\nhttps://access.redhat.com/errata/RHSA-2026:8747\nhttps://access.redhat.com/errata/RHSA-2026:8748\nhttps://access.redhat.com/security/cve/CVE-2026-4111\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2446453\nhttps://github.com/libarchive/libarchive/pull/2877\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-4111\nhttps://access.redhat.com/errata/RHSA-2026:8865\n",
   "aliases": "CVE-2026-4111\n",
   "assigner": "redhat",
-  "epss": 0.02,
+  "epss": 0.03,
   "enisaIdProduct": [
+    {
+      "id": "0bf6f597-d8a6-3330-99e2-0a1b69ecf998",
+      "product": {
+        "name": "Red Hat Discovery 2"
+      },
+      "product_version": "patch: sha256:040dadd657afdb9f0914f896a4962fd3dbf40b70c8037e4d72b6801b766c9b7d"
+    },
+    {
+      "id": "185c1528-92c0-30df-832d-a6e3e5510749",
+      "product": {
+        "name": "Red Hat AI Inference Server 3.3"
+      },
+      "product_version": "patch: sha256:be6d568f28044533e4ad80f0856407c359e2eaf31a6b89cada433e6575d2300e"
+    },
+    {
+      "id": "2a2b8200-a784-3403-aeca-50ed8ca423a8",
+      "product": {
+        "name": "Red Hat AI Inference Server 3.3"
+      },
+      "product_version": "patch: sha256:0ec114881d9dcd28a5dbbb2ec0ea1301ad87d5ae133121ce8167ef29d19802cc"
+    },
+    {
+      "id": "2b76eb5a-3691-34c5-a2a9-ed8db4d5c4e5",
+      "product": {
+        "name": "Red Hat OpenShift Container Platform 4.13"
+      },
+      "product_version": "patch: 413.92.202604080111-0"
+    },
     {
       "id": "3facfc15-d651-3756-bbf8-fb8d8b8a18c5",
       "product": {
@@ -25,6 +53,55 @@
         "name": "Red Hat Enterprise Linux 10"
       },
       "product_version": "patch: 0:3.7.7-5.el10_1"
+    },
+    {
+      "id": "4c6d54c9-aa96-35c2-b9da-633f1dae372f",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9.6 Extended Update Support"
+      },
+      "product_version": "patch: 0:3.5.3-6.el9_6.1"
+    },
+    {
+      "id": "57a7dfed-45e5-362b-be45-8c9c21de6d92",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions"
+      },
+      "product_version": "patch: 0:3.5.3-5.el9_2.1"
+    },
+    {
+      "id": "9606ba53-506f-3ebb-af4a-948b59802100",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9.4 Extended Update Support"
+      },
+      "product_version": "patch: 0:3.5.3-4.el9_4.2"
+    },
+    {
+      "id": "b68bc367-fd7f-39e7-a241-6a54815bc2cc",
+      "product": {
+        "name": "Red Hat AI Inference Server 3.3"
+      },
+      "product_version": "patch: sha256:813ba7ccd1696b44deb90d9e6cd8af114bdb47781eae7f27246a81fba062a892"
+    },
+    {
+      "id": "e2ccd141-b1c3-343d-9bf0-124d46adffbf",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions"
+      },
+      "product_version": "patch: 0:3.5.3-2.el9_0.3"
+    },
+    {
+      "id": "f2bbe426-8e7d-39e0-a95d-0a57a340cd82",
+      "product": {
+        "name": "Red Hat AI Inference Server 3.2"
+      },
+      "product_version": "patch: sha256:54616c9f3e4d27120504b0b2020432ef3ff85286a50de7be842f05df0cfcd69e"
+    },
+    {
+      "id": "fe0340f1-ae0e-3e35-9f55-8d917e1f16ca",
+      "product": {
+        "name": "Red Hat Discovery 2"
+      },
+      "product_version": "patch: sha256:062310de4b34e278f8c7e4634def673a77d1228d493541ef1264ba4cb83b68eb"
     }
   ],
   "enisaIdVendor": [

advisories/2026/03/EUVD-2026-13097.json

@@ -3,15 +3,58 @@
   "enisaUuid": "e56690d0-bd77-3749-b1dc-cfa65800ac55",
   "description": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.",
   "datePublished": "Mar 19, 2026, 3:31:21 PM",
-  "dateUpdated": "Mar 19, 2026, 3:31:22 PM",
+  "dateUpdated": "Apr 20, 2026, 6:31:26 AM",
   "baseScore": 7.5,
   "baseScoreVersion": "3.1",
   "baseScoreVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
-  "references": "https://access.redhat.com/security/cve/CVE-2026-4424\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2449006\nhttps://github.com/libarchive/libarchive/pull/2898\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-4424\n",
+  "references": "https://access.redhat.com/errata/RHSA-2026:8492\nhttps://access.redhat.com/errata/RHSA-2026:8510\nhttps://access.redhat.com/errata/RHSA-2026:8517\nhttps://access.redhat.com/errata/RHSA-2026:8521\nhttps://access.redhat.com/errata/RHSA-2026:8534\nhttps://access.redhat.com/security/cve/CVE-2026-4424\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2449006\nhttps://github.com/libarchive/libarchive/pull/2898\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-4424\nhttps://access.redhat.com/errata/RHSA-2026:8864\nhttps://access.redhat.com/errata/RHSA-2026:8865\nhttps://access.redhat.com/errata/RHSA-2026:8867\nhttps://access.redhat.com/errata/RHSA-2026:8873\nhttps://access.redhat.com/errata/RHSA-2026:8908\n",
   "aliases": "CVE-2026-4424\n",
   "assigner": "redhat",
-  "epss": 0.17,
-  "enisaIdProduct": [],
+  "epss": 0.2,
+  "enisaIdProduct": [
+    {
+      "id": "1c2b4f30-6570-3133-9dac-ab3ee9b9aaf9",
+      "product": {
+        "name": "Red Hat Enterprise Linux 8"
+      },
+      "product_version": "patch: 0:3.3.3-7.el8_10"
+    },
+    {
+      "id": "57b20c21-174c-32db-94f0-d5f5a1063c36",
+      "product": {
+        "name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support"
+      },
+      "product_version": "patch: 0:3.1.2-14.el7_9.2"
+    },
+    {
+      "id": "6b0c6f97-a141-37ca-b8c2-3740bdff669b",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions"
+      },
+      "product_version": "patch: 0:3.5.3-2.el9_0.4"
+    },
+    {
+      "id": "86188e5d-1cb0-3062-aec7-cd17450e667f",
+      "product": {
+        "name": "Red Hat Enterprise Linux 10"
+      },
+      "product_version": "patch: 0:3.7.7-8.el10_1"
+    },
+    {
+      "id": "8ea34cde-5516-339a-afa0-e4d28e307f48",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9"
+      },
+      "product_version": "patch: 0:3.5.3-9.el9_7"
+    },
+    {
+      "id": "e8a94cfe-4072-3434-a38b-90fb2aa12c73",
+      "product": {
+        "name": "Red Hat Enterprise Linux 8.2 Advanced Update Support"
+      },
+      "product_version": "patch: 0:3.3.2-8.el8_2.2"
+    }
+  ],
   "enisaIdVendor": [
     {
       "id": "f79bb6a4-95d5-3b5e-a7fb-58b8d3504460",

advisories/2026/03/EUVD-2026-17073.json

@@ -3,13 +3,51 @@
   "enisaUuid": "af65621c-2a3d-3460-bb5e-6ec0ed762505",
   "description": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.",
   "datePublished": "Mar 30, 2026, 9:31:29 AM",
-  "dateUpdated": "Mar 30, 2026, 9:31:29 AM",
-  "baseScore": 0.0,
-  "references": "https://access.redhat.com/security/cve/CVE-2026-5121\nhttps://github.com/libarchive/libarchive/pull/2934\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-5121\n",
+  "dateUpdated": "Apr 20, 2026, 6:31:26 AM",
+  "baseScore": 7.5,
+  "baseScoreVersion": "3.1",
+  "baseScoreVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+  "references": "https://access.redhat.com/errata/RHSA-2026:8510\nhttps://access.redhat.com/errata/RHSA-2026:8517\nhttps://access.redhat.com/errata/RHSA-2026:8521\nhttps://access.redhat.com/errata/RHSA-2026:8534\nhttps://access.redhat.com/security/cve/CVE-2026-5121\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2452945\nhttps://github.com/advisories/GHSA-2vwv-vqpv-v8vc\nhttps://github.com/libarchive/libarchive/pull/2934\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-5121\nhttps://access.redhat.com/errata/RHSA-2026:8864\nhttps://access.redhat.com/errata/RHSA-2026:8867\nhttps://access.redhat.com/errata/RHSA-2026:8873\nhttps://access.redhat.com/errata/RHSA-2026:8908\n",
   "aliases": "CVE-2026-5121\n",
   "assigner": "redhat",
-  "epss": 0.05,
-  "enisaIdProduct": [],
+  "epss": 0.08,
+  "enisaIdProduct": [
+    {
+      "id": "2070c862-b728-38ba-ad99-ead5d3c972aa",
+      "product": {
+        "name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support"
+      },
+      "product_version": "patch: 0:3.1.2-14.el7_9.2"
+    },
+    {
+      "id": "626d3976-9046-3a82-9935-1851132c2816",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions"
+      },
+      "product_version": "patch: 0:3.5.3-2.el9_0.4"
+    },
+    {
+      "id": "8905a264-06f9-31b4-8b5f-b0f85ac60e12",
+      "product": {
+        "name": "Red Hat Enterprise Linux 8.2 Advanced Update Support"
+      },
+      "product_version": "patch: 0:3.3.2-8.el8_2.2"
+    },
+    {
+      "id": "947b8b9f-86d6-39af-9fd8-a23ab19d4d6c",
+      "product": {
+        "name": "Red Hat Enterprise Linux 9"
+      },
+      "product_version": "patch: 0:3.5.3-9.el9_7"
+    },
+    {
+      "id": "9b9918f4-c933-396a-9acc-3f3c979b920d",
+      "product": {
+        "name": "Red Hat Enterprise Linux 8"
+      },
+      "product_version": "patch: 0:3.3.3-7.el8_10"
+    }
+  ],
   "enisaIdVendor": [
     {
       "id": "4503f562-a316-3121-adce-05d7ccbb8047",

advisories/2026/04/EUVD-2024-55553.json

@@ -0,0 +1,29 @@
+{
+  "id": "EUVD-2024-55553",
+  "enisaUuid": "81a71bef-d5b0-3fb7-96bc-4fe2274f4c07",
+  "description": "The Email Encoder  WordPress plugin before 2.3.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",
+  "datePublished": "Apr 20, 2026, 9:30:44 AM",
+  "dateUpdated": "Apr 20, 2026, 9:30:44 AM",
+  "baseScore": 0.0,
+  "references": "https://wpscan.com/vulnerability/7aeb6891-e159-4ed8-b1a9-a551140c9fcc/\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7083\n",
+  "aliases": "CVE-2024-7083\nGHSA-9772-r9rh-h65v\n",
+  "assigner": "WPScan",
+  "epss": 0.0,
+  "enisaIdProduct": [
+    {
+      "id": "cbd4b427-7b74-3019-9c07-2f0c85d4f022",
+      "product": {
+        "name": "Email Encoder"
+      },
+      "product_version": "0 <2.3.4"
+    }
+  ],
+  "enisaIdVendor": [
+    {
+      "id": "8f45ca4b-207f-3756-93bd-ee85a285265a",
+      "vendor": {
+        "name": "Unknown"
+      }
+    }
+  ]
+}

advisories/2026/04/EUVD-2025-209530.json

@@ -0,0 +1,31 @@
+{
+  "id": "EUVD-2025-209530",
+  "enisaUuid": "87793738-71f7-38de-b4b7-6d51ef4ed6f1",
+  "description": "Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings.\nThis vulnerability has been fixed in version 5.6.3",
+  "datePublished": "Apr 20, 2026, 12:31:59 PM",
+  "dateUpdated": "Apr 20, 2026, 12:31:59 PM",
+  "baseScore": 5.1,
+  "baseScoreVersion": "4.0",
+  "baseScoreVector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
+  "references": "https://www.fudosecurity.com/product/enterprise\nhttps://cert.pl/en/posts/2026/04/CVE-2025-13480\nhttps://download.fudosecurity.com/documentation/fudo/5_6/rn/RN_5.6.3.pdf\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-13480\n",
+  "aliases": "CVE-2025-13480\nGHSA-x858-8gr5-586m\n",
+  "assigner": "CERT-PL",
+  "epss": 0.0,
+  "enisaIdProduct": [
+    {
+      "id": "17d25cd6-34cb-3e41-a460-c87106f6596c",
+      "product": {
+        "name": "Fudo Enterprise"
+      },
+      "product_version": "5.5.0 \u22645.6.2"
+    }
+  ],
+  "enisaIdVendor": [
+    {
+      "id": "999226a4-3070-3f23-bf75-2e92b932c771",
+      "vendor": {
+        "name": "Fudo Security"
+      }
+    }
+  ]
+}

advisories/2026/04/EUVD-2025-209532.json

@@ -0,0 +1,31 @@
+{
+  "id": "EUVD-2025-209532",
+  "enisaUuid": "6b7ab528-7521-3214-b70c-f7ac877604d8",
+  "description": "Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version 0.6.1 and later are not affected.",
+  "datePublished": "Apr 20, 2026, 3:31:52 PM",
+  "dateUpdated": "Apr 20, 2026, 3:31:52 PM",
+  "baseScore": 5.3,
+  "baseScoreVersion": "3.1",
+  "baseScoreVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+  "references": "https://lists.apache.org/thread/odp0fyyst8kxm7hhm9z4d1snh1y4hjpy\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-66335\nhttp://www.openwall.com/lists/oss-security/2026/04/17/4\n",
+  "aliases": "CVE-2025-66335\nGHSA-qhfq-gvvc-5q6q\n",
+  "assigner": "apache",
+  "epss": 0.0,
+  "enisaIdProduct": [
+    {
+      "id": "b65a6867-41eb-3ef8-8d72-32d199dca21d",
+      "product": {
+        "name": "Apache Doris MCP Server"
+      },
+      "product_version": "0.1.0 <0.6.1"
+    }
+  ],
+  "enisaIdVendor": [
+    {
+      "id": "b9d97948-bf1b-3e82-92be-550236c23750",
+      "vendor": {
+        "name": "Apache Software Foundation"
+      }
+    }
+  ]
+}

advisories/2026/04/EUVD-2025-209534.json

@@ -0,0 +1,29 @@
+{
+  "id": "EUVD-2025-209534",
+  "enisaUuid": "194e11ad-77bf-3317-9c4e-4e215b5f1da2",
+  "description": "A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated privilege roles. The issue is triggered by modifying a parameter within requests sent to the /nasapi endpoint.",
+  "datePublished": "Apr 20, 2026, 6:31:48 PM",
+  "dateUpdated": "Apr 20, 2026, 6:31:49 PM",
+  "baseScore": 0.0,
+  "references": "https://github.com/DBmonster19/CVE-2025-66954\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-66954\n",
+  "aliases": "GHSA-3gjh-jvm6-6pfg\nCVE-2025-66954\n",
+  "assigner": "mitre",
+  "epss": 0.0,
+  "enisaIdProduct": [
+    {
+      "id": "d2fe9cc1-e8f8-3331-8732-ad229ef057ec",
+      "product": {
+        "name": "n/a"
+      },
+      "product_version": "n/a"
+    }
+  ],
+  "enisaIdVendor": [
+    {
+      "id": "76ad9dcf-e856-3aae-b60a-b52202187c37",
+      "vendor": {
+        "name": "n/a"
+      }
+    }
+  ]
+}

advisories/2026/04/EUVD-2026-23710.json

@@ -2,13 +2,13 @@
   "id": "EUVD-2026-23710",
   "enisaUuid": "272bbf91-f5c5-3de7-bbb4-2c6d972cd5ff",
   "description": "A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of the argument SECRET_KEY results in hard-coded credentials. The attack can be launched remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.",
-  "datePublished": "Apr 19, 2026, 9:15:14 PM",
-  "dateUpdated": "Apr 19, 2026, 9:15:14 PM",
+  "datePublished": "Apr 20, 2026, 12:30:13 AM",
+  "dateUpdated": "Apr 20, 2026, 12:30:13 AM",
   "baseScore": 6.3,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
-  "references": "https://vuldb.com/vuln/358213\nhttps://vuldb.com/vuln/358213/cti\nhttps://vuldb.com/submit/790283\nhttps://github.com/3em0/cve_repo/blob/main/DjangoBlog/Vuln-3-Hardcoded-Django-SECRET_KEY.md\n",
-  "aliases": "CVE-2026-6578\n",
+  "references": "https://vuldb.com/vuln/358213\nhttps://vuldb.com/vuln/358213/cti\nhttps://vuldb.com/submit/790283\nhttps://github.com/3em0/cve_repo/blob/main/DjangoBlog/Vuln-3-Hardcoded-Django-SECRET_KEY.md\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-6578\n",
+  "aliases": "CVE-2026-6578\nGHSA-jf35-jg3h-pwmh\n",
   "assigner": "VulDB",
   "epss": 0.0,
   "enisaIdProduct": [

advisories/2026/04/EUVD-2026-23712.json

@@ -2,13 +2,13 @@
   "id": "EUVD-2026-23712",
   "enisaUuid": "64c6f43b-18e4-3cf6-b0ab-3381ff079269",
   "description": "A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file blog/views.py of the component Clean Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.",
-  "datePublished": "Apr 19, 2026, 10:00:17 PM",
-  "dateUpdated": "Apr 19, 2026, 10:00:17 PM",
+  "datePublished": "Apr 20, 2026, 12:30:13 AM",
+  "dateUpdated": "Apr 20, 2026, 12:30:13 AM",
   "baseScore": 6.9,
   "baseScoreVersion": "4.0",
   "baseScoreVector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
-  "references": "https://vuldb.com/vuln/358214\nhttps://vuldb.com/vuln/358214/cti\nhttps://vuldb.com/submit/790286\nhttps://github.com/3em0/cve_repo/blob/main/DjangoBlog/Vuln-4-Unauthenticated-Cache-Purge.md\n",
-  "aliases": "CVE-2026-6579\n",
+  "references": "https://vuldb.com/vuln/358214\nhttps://vuldb.com/vuln/358214/cti\nhttps://vuldb.com/submit/790286\nhttps://github.com/3em0/cve_repo/blob/main/DjangoBlog/Vuln-4-Unauthenticated-Cache-Purge.md\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-6579\n",
+  "aliases": "CVE-2026-6579\nGHSA-5q63-8x25-h545\n",
   "assigner": "VulDB",
   "epss": 0.0,
   "enisaIdProduct": [