Vulnerability-Lookup

CVE-2025-67721 (GCVE-0-2025-67721)

Vulnerability from cvelistv5 – Published: 2025-12-12 22:11 – Updated: 2025-12-15 15:04

Title

Aircompressor's Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

Summary

Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4.

Severity

6.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-201 - Insertion of Sensitive Information Into Sent Data
CWE-125 - Out-of-bounds Read

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/airlift/aircompressor/security…	x_refsource_CONFIRM
https://github.com/airlift/aircompressor/commit/f…	x_refsource_MISC
https://github.com/airlift/aircompressor/commit/f…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
airlift	aircompressor	Affected: < 3.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-67721",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-15T15:03:47.177417Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-15T15:04:15.629Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "aircompressor",
          "vendor": "airlift",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-201",
              "description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-12T22:11:10.971Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg"
        },
        {
          "name": "https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15"
        },
        {
          "name": "https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765"
        }
      ],
      "source": {
        "advisory": "GHSA-vx9q-rhv9-3jvg",
        "discovery": "UNKNOWN"
      },
      "title": "Aircompressor\u0027s Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-67721",
    "datePublished": "2025-12-12T22:11:10.971Z",
    "dateReserved": "2025-12-10T18:46:14.762Z",
    "dateUpdated": "2025-12-15T15:04:15.629Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-67721",
      "date": "2026-06-16",
      "epss": "0.00363",
      "percentile": "0.27957"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-67721\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-12-12T23:15:42.067\",\"lastModified\":\"2026-03-17T19:40:07.640\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-201\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:airlift:aircompressor:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.3\",\"matchCriteriaId\":\"C8C79BDB-D062-4260-ADD4-DD562CB6D5D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:airlift:aircompressor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"versionEndExcluding\":\"3.4\",\"matchCriteriaId\":\"CD90D849-39DF-4958-B3E1-353C20BDB998\"}]}]}],\"references\":[{\"url\":\"https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-67721\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-15T15:03:47.177417Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-15T15:04:07.531Z\"}}], \"cna\": {\"title\": \"Aircompressor\u0027s Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer\", \"source\": {\"advisory\": \"GHSA-vx9q-rhv9-3jvg\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"airlift\", \"product\": \"aircompressor\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.4\"}]}], \"references\": [{\"url\": \"https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg\", \"name\": \"https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15\", \"name\": \"https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765\", \"name\": \"https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-201\", \"description\": \"CWE-201: Insertion of Sensitive Information Into Sent Data\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125: Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-12-12T22:11:10.971Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-67721\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-15T15:04:15.629Z\", \"dateReserved\": \"2025-12-10T18:46:14.762Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-12-12T22:11:10.971Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0500

Vulnerability from certfr_avis - Published: 2026-04-27 - Updated: 2026-04-27

De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	VMware	N/A	Tanzu Greenplum Platform Extension Framework versions antérieures à 8.0.0
	VMware	N/A	Tanzu Data Lake versions antérieures à 4.0.0

References

Title

Publication Time

CERTFR-2026-AVI-0641

Vulnerability from certfr_avis - Published: 2026-05-22 - Updated: 2026-05-22

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	AIX	Open SDK pour Rust sur AIX versions 1.92.x sans le correctif de sécurité Fix Pack 2
IBM	WebSphere	WebSphere Automation versions 1.1x antérieures à 1.12.1
IBM	Db2	Db2 versions 12.1.x antérieures à 12.1.4 sans le correctif Special Build #83501
IBM	Db2	Db2 Big SQL versions 7.6.x à 8.3.x antérieures à 8.3.1 patch 4
IBM	Db2	Db2 sur Cloud Pak for Data et Db2 Warehouse sur Cloud Pak for Data versions 4.8.x à 5.3.x antérieures à 5.3.1
IBM	AIX	Open SDK pour Rust sur AIX versions 1.90.x sans le correctif de sécurité Fix Pack 2
IBM	Sterling	Sterling Transformation Extender versions 11.0.1.1 et 11.0.2.0 sans le correctif de sécurité PH71227
IBM	Db2	Db2 versions 11.5.x antérieures à 11.5.9 sans le correctif Special Build #81937

References

Title

Publication Time

cleanstart-2026-do09088

Vulnerability from cleanstart

Published

2026-04-01 09:47

Modified

2026-03-17 07:41

Summary

Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-67721, CVE-2025-68119, CVE-2025-68121, CVE-2026-1225, CVE-2026-1605, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-72hv-8253-57qq applied in versions: 479-r0

Details

Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2025-61726	WEB
	https://osv.dev/vulnerability/CVE-2025-61727	WEB
	https://osv.dev/vulnerability/CVE-2025-61728	WEB
	https://osv.dev/vulnerability/CVE-2025-61729	WEB
	https://osv.dev/vulnerability/CVE-2025-61730	WEB
	https://osv.dev/vulnerability/CVE-2025-61732	WEB
	https://osv.dev/vulnerability/CVE-2025-67721	WEB
	https://osv.dev/vulnerability/CVE-2025-68119	WEB
	https://osv.dev/vulnerability/CVE-2025-68121	WEB
	https://osv.dev/vulnerability/CVE-2026-1225	WEB
	https://osv.dev/vulnerability/CVE-2026-1605	WEB
	https://osv.dev/vulnerability/CVE-2026-25679	WEB
	https://osv.dev/vulnerability/CVE-2026-27139	WEB
	https://osv.dev/vulnerability/CVE-2026-27142	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61726	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61727	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61728	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61729	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61730	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61732	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67721	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68119	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1225	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-25679	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27139	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27142	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "trino"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "479-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-DO09088",
  "modified": "2026-03-17T07:41:03Z",
  "published": "2026-04-01T09:47:03.615107Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DO09088.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27142"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-67721, CVE-2025-68119, CVE-2025-68121, CVE-2026-1225, CVE-2026-1605, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-72hv-8253-57qq applied in versions: 479-r0",
  "upstream": [
    "CVE-2025-61726",
    "CVE-2025-61727",
    "CVE-2025-61728",
    "CVE-2025-61729",
    "CVE-2025-61730",
    "CVE-2025-61732",
    "CVE-2025-67721",
    "CVE-2025-68119",
    "CVE-2025-68121",
    "CVE-2026-1225",
    "CVE-2026-1605",
    "CVE-2026-25679",
    "CVE-2026-27139",
    "CVE-2026-27142",
    "ghsa-72hv-8253-57qq"
  ]
}

cleanstart-2026-eg39405

Vulnerability from cleanstart

Published

2026-06-11 01:01

Modified

2026-06-10 07:43

Summary

Netty is an asynchronous, event-driven network application framework

Details

Multiple security vulnerabilities affect the trino package. Netty is an asynchronous, event-driven network application framework. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2025-61726	WEB
	https://osv.dev/vulnerability/CVE-2025-61727	WEB
	https://osv.dev/vulnerability/CVE-2025-61728	WEB
	https://osv.dev/vulnerability/CVE-2025-61729	WEB
	https://osv.dev/vulnerability/CVE-2025-61730	WEB
	https://osv.dev/vulnerability/CVE-2025-61731	WEB
	https://osv.dev/vulnerability/CVE-2025-61732	WEB
	https://osv.dev/vulnerability/CVE-2025-67721	WEB
	https://osv.dev/vulnerability/CVE-2025-68119	WEB
	https://osv.dev/vulnerability/CVE-2025-68121	WEB
	https://osv.dev/vulnerability/CVE-2026-1225	WEB
	https://osv.dev/vulnerability/CVE-2026-1605	WEB
	https://osv.dev/vulnerability/CVE-2026-25679	WEB
	https://osv.dev/vulnerability/CVE-2026-27139	WEB
	https://osv.dev/vulnerability/CVE-2026-27142	WEB
	https://osv.dev/vulnerability/CVE-2026-27145	WEB
	https://osv.dev/vulnerability/CVE-2026-33871	WEB
	https://osv.dev/vulnerability/CVE-2026-39824	WEB
	https://osv.dev/vulnerability/CVE-2026-39826	WEB
	https://osv.dev/vulnerability/CVE-2026-39836	WEB
	https://osv.dev/vulnerability/CVE-2026-41417	WEB
	https://osv.dev/vulnerability/CVE-2026-42499	WEB
	https://osv.dev/vulnerability/CVE-2026-42504	WEB
	https://osv.dev/vulnerability/CVE-2026-42507	WEB
	https://osv.dev/vulnerability/CVE-2026-42577	WEB
	https://osv.dev/vulnerability/CVE-2026-42578	WEB
	https://osv.dev/vulnerability/CVE-2026-42579	WEB
	https://osv.dev/vulnerability/CVE-2026-42580	WEB
	https://osv.dev/vulnerability/CVE-2026-42581	WEB
	https://osv.dev/vulnerability/CVE-2026-42582	WEB
	https://osv.dev/vulnerability/CVE-2026-42583	WEB
	https://osv.dev/vulnerability/CVE-2026-42584	WEB
	https://osv.dev/vulnerability/CVE-2026-42585	WEB
	https://osv.dev/vulnerability/CVE-2026-42586	WEB
	https://osv.dev/vulnerability/CVE-2026-42587	WEB
	https://osv.dev/vulnerability/CVE-2026-44248	WEB
	https://osv.dev/vulnerability/CVE-2026-44893	WEB
	https://osv.dev/vulnerability/CVE-2026-44894	WEB
	https://osv.dev/vulnerability/CVE-2026-45536	WEB
	https://osv.dev/vulnerability/CVE-2026-46340	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61726	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61727	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61728	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61729	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61730	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61731	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61732	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67721	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68119	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1225	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-25679	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27139	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27142	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27145	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33871	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39824	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39826	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39836	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41417	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42499	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42504	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42507	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42577	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42578	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42579	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42580	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42581	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42582	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42583	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42584	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42585	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42586	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42587	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44248	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44893	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-44894	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-45536	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-46340	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "trino"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "480-r3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the trino package. Netty is an asynchronous, event-driven network application framework. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-EG39405",
  "modified": "2026-06-10T07:43:19Z",
  "published": "2026-06-11T01:01:54.682665Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-EG39405.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61731"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27142"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27145"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39824"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39826"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39836"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41417"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42499"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42504"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42507"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42577"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42578"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42579"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42580"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42581"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42582"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42583"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42584"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42585"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42586"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42587"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44248"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44893"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-44894"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-45536"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-46340"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39824"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42504"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42507"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42577"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42580"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42582"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42585"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42586"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44248"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44894"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45536"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46340"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Netty is an asynchronous, event-driven network application framework",
  "upstream": [
    "CVE-2025-61726",
    "CVE-2025-61727",
    "CVE-2025-61728",
    "CVE-2025-61729",
    "CVE-2025-61730",
    "CVE-2025-61731",
    "CVE-2025-61732",
    "CVE-2025-67721",
    "CVE-2025-68119",
    "CVE-2025-68121",
    "CVE-2026-1225",
    "CVE-2026-1605",
    "CVE-2026-25679",
    "CVE-2026-27139",
    "CVE-2026-27142",
    "CVE-2026-27145",
    "CVE-2026-33871",
    "CVE-2026-39824",
    "CVE-2026-39826",
    "CVE-2026-39836",
    "CVE-2026-41417",
    "CVE-2026-42499",
    "CVE-2026-42504",
    "CVE-2026-42507",
    "CVE-2026-42577",
    "CVE-2026-42578",
    "CVE-2026-42579",
    "CVE-2026-42580",
    "CVE-2026-42581",
    "CVE-2026-42582",
    "CVE-2026-42583",
    "CVE-2026-42584",
    "CVE-2026-42585",
    "CVE-2026-42586",
    "CVE-2026-42587",
    "CVE-2026-44248",
    "CVE-2026-44893",
    "CVE-2026-44894",
    "CVE-2026-45536",
    "CVE-2026-46340",
    "ghsa-72hv-8253-57qq"
  ]
}

cleanstart-2026-hq78610

Vulnerability from cleanstart

Published

2026-04-25 00:45

Modified

2026-04-24 22:46

Summary

Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java

Details

Multiple security vulnerabilities affect the trino package. Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2025-61726	WEB
	https://osv.dev/vulnerability/CVE-2025-61727	WEB
	https://osv.dev/vulnerability/CVE-2025-61728	WEB
	https://osv.dev/vulnerability/CVE-2025-61729	WEB
	https://osv.dev/vulnerability/CVE-2025-61730	WEB
	https://osv.dev/vulnerability/CVE-2025-61732	WEB
	https://osv.dev/vulnerability/CVE-2025-67721	WEB
	https://osv.dev/vulnerability/CVE-2025-68119	WEB
	https://osv.dev/vulnerability/CVE-2025-68121	WEB
	https://osv.dev/vulnerability/CVE-2026-1225	WEB
	https://osv.dev/vulnerability/CVE-2026-1605	WEB
	https://osv.dev/vulnerability/CVE-2026-25679	WEB
	https://osv.dev/vulnerability/CVE-2026-27139	WEB
	https://osv.dev/vulnerability/CVE-2026-27142	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61726	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61727	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61728	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61729	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61730	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61732	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67721	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68119	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1225	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-25679	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27139	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27142	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "trino"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "479-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the trino package. Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-HQ78610",
  "modified": "2026-04-24T22:46:48Z",
  "published": "2026-04-25T00:45:02.559999Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HQ78610.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27142"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java",
  "upstream": [
    "CVE-2025-61726",
    "CVE-2025-61727",
    "CVE-2025-61728",
    "CVE-2025-61729",
    "CVE-2025-61730",
    "CVE-2025-61732",
    "CVE-2025-67721",
    "CVE-2025-68119",
    "CVE-2025-68121",
    "CVE-2026-1225",
    "CVE-2026-1605",
    "CVE-2026-25679",
    "CVE-2026-27139",
    "CVE-2026-27142",
    "ghsa-72hv-8253-57qq"
  ]
}

cleanstart-2026-rm01950

Vulnerability from cleanstart

Published

2026-05-18 13:28

Modified

2026-05-11 13:48

Summary

Details

Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2025-61726	WEB
	https://osv.dev/vulnerability/CVE-2025-61727	WEB
	https://osv.dev/vulnerability/CVE-2025-61728	WEB
	https://osv.dev/vulnerability/CVE-2025-61729	WEB
	https://osv.dev/vulnerability/CVE-2025-61730	WEB
	https://osv.dev/vulnerability/CVE-2025-61732	WEB
	https://osv.dev/vulnerability/CVE-2025-67721	WEB
	https://osv.dev/vulnerability/CVE-2025-68119	WEB
	https://osv.dev/vulnerability/CVE-2025-68121	WEB
	https://osv.dev/vulnerability/CVE-2026-1225	WEB
	https://osv.dev/vulnerability/CVE-2026-1605	WEB
	https://osv.dev/vulnerability/CVE-2026-25679	WEB
	https://osv.dev/vulnerability/CVE-2026-27139	WEB
	https://osv.dev/vulnerability/CVE-2026-27142	WEB
	https://osv.dev/vulnerability/CVE-2026-39826	WEB
	https://osv.dev/vulnerability/CVE-2026-39836	WEB
	https://osv.dev/vulnerability/CVE-2026-42499	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61726	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61727	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61728	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61729	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61730	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61732	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-67721	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68119	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-68121	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1225	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-1605	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-25679	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27139	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27142	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39826	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39836	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42499	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "trino"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "480-r1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-RM01950",
  "modified": "2026-05-11T13:48:59Z",
  "published": "2026-05-18T13:28:50.948074Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RM01950.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27142"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39826"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39836"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42499"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-67721, CVE-2025-68119, CVE-2025-68121, CVE-2026-1225, CVE-2026-1605, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-72hv-8253-57qq applied in versions: 479-r0, 480-r1",
  "upstream": [
    "CVE-2025-61726",
    "CVE-2025-61727",
    "CVE-2025-61728",
    "CVE-2025-61729",
    "CVE-2025-61730",
    "CVE-2025-61732",
    "CVE-2025-67721",
    "CVE-2025-68119",
    "CVE-2025-68121",
    "CVE-2026-1225",
    "CVE-2026-1605",
    "CVE-2026-25679",
    "CVE-2026-27139",
    "CVE-2026-27142",
    "CVE-2026-39826",
    "CVE-2026-39836",
    "CVE-2026-42499",
    "ghsa-72hv-8253-57qq"
  ]
}

FKIE_CVE-2025-67721

Vulnerability from fkie_nvd - Published: 2025-12-12 23:15 - Updated: 2026-03-17 19:40

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15	Patch
security-advisories@github.com	https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765	Patch
security-advisories@github.com	https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg	Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	airlift	aircompressor	*
	airlift	aircompressor	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:airlift:aircompressor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8C79BDB-D062-4260-ADD4-DD562CB6D5D0",
              "versionEndExcluding": "2.0.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:airlift:aircompressor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD90D849-39DF-4958-B3E1-353C20BDB998",
              "versionEndExcluding": "3.4",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4."
    }
  ],
  "id": "CVE-2025-67721",
  "lastModified": "2026-03-17T19:40:07.640",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-12-12T23:15:42.067",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-201"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

GHSA-VX9Q-RHV9-3JVG

Vulnerability from github – Published: 2025-12-12 22:12 – Updated: 2026-02-25 15:32

Summary

aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

Details

Summary

Incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is reused without being cleared, this may lead to disclosure of sensitive data.

Details

With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. This is similar to GHSA-cmp6-m4wj-q63q.

Impact

Applications using aircompressor as described above may leak sensitive information to external unauthorized attackers.

Mitigation

The vulnerability is fixed in release 3.4 and 2.0.3. However, it can be mitigated by either: * Avoiding reuse of the decompression buffer across calls * Clearing the decompression buffer before a call to decompress data

Severity

8.2 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.airlift:aircompressor-v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.airlift:aircompressor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-67721"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-201"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-12T22:12:22Z",
    "nvd_published_at": "2025-12-12T23:15:42Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nIncorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is reused without being cleared, this may lead to disclosure of sensitive data.\n\n### Details\nWith certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. This is similar to [GHSA-cmp6-m4wj-q63q](https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q).\n\n### Impact\nApplications using aircompressor as described above may leak sensitive information to external unauthorized attackers.\n\n### Mitigation\n\nThe vulnerability is fixed in release 3.4 and 2.0.3. However, it can be mitigated by either:\n* Avoiding reuse of the decompression buffer across calls\n* Clearing the decompression buffer before a call to decompress data",
  "id": "GHSA-vx9q-rhv9-3jvg",
  "modified": "2026-02-25T15:32:27Z",
  "published": "2025-12-12T22:12:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/airlift/aircompressor/security/advisories/GHSA-vx9q-rhv9-3jvg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67721"
    },
    {
      "type": "WEB",
      "url": "https://github.com/airlift/aircompressor/pull/309"
    },
    {
      "type": "WEB",
      "url": "https://github.com/airlift/aircompressor/commit/f2b489b398779b40c1ee29ddb11d7edef54ddc15"
    },
    {
      "type": "WEB",
      "url": "https://github.com/airlift/aircompressor/commit/ff12c4d5757c9d6d1de3d39a10402f1f84f9b765"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/airlift/aircompressor"
    },
    {
      "type": "WEB",
      "url": "https://github.com/airlift/aircompressor/releases/tag/2.0.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer"
}

WID-SEC-W-2026-0778

Vulnerability from csaf_certbund - Published: 2026-03-18 23:00 - Updated: 2026-05-11 22:00

Summary

Dell Secure Connect Gateway Policy Manager: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Dell Secure Connect Gateway ist eine Softwarelösung, die als sicherer, zentralisierter Punkt für die Verwaltung des Fernzugriffs und des Supports für Hardware und Software von Dell Technologies dient.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway Policy Manager ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - Windows

CVE-2014-8991

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2015-2296

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2019-6778

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2020-10756

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2020-13645

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2020-1983

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2020-24455

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2020-25219

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2020-26154

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2020-29130

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2021-3592

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2021-3593

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2021-3594

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2021-3595

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2022-40897

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2023-22745

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2023-5752

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2024-25621

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2024-29040

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2024-6345

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-10911

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-11226

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-11468

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-11563

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-11731

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-12084

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-12781

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-1352

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-13601

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-1372

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-1376

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-1377

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-13836

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-13837

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-14087

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-14512

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-15281

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-15282

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-15366

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-15367

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-15467

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-24294

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-28162

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-28164

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-31133

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-3576

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-47273

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-52565

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-52881

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-53057

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-53666

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-54770

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-54771

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-54798

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-55752

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-59375

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-6075

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61661

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61662

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61663

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61664

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61748

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61795

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61984

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-61985

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-64329

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-64505

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-64506

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-64720

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-64756

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-65018

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-66035

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-66293

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-66412

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-66614

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-67721

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-68160

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-68973

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-69418

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-69419

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-69420

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-69421

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-69873

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-7039

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-8291

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-9187

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2025-9820

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-0672

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-0861

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-0865

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-0915

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-0988

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-1484

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-1485

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-1489

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-22610

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-22695

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-22795

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-22796

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-22801

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-24734

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-24882

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

CVE-2026-25646

Affected products

Known affected 3 products

Product	Identifier	Version
Dell ECS 3.8.1.0-3.8.1.7 Dell / ECS	`cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7`	3.8.1.0-3.8.1.7
Dell Secure Connect Gateway Policy Manager <5.34.00.14 Dell / Secure Connect Gateway		Policy Manager <5.34.00.14
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.dell.com/support/kbdoc/de-de/00044113…	external
https://www.dell.com/support/kbdoc/de-de/00044324…	external
https://www.dell.com/support/kbdoc/en-us/00046211…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Dell Secure Connect Gateway ist eine Softwarel\u00f6sung, die als sicherer, zentralisierter Punkt f\u00fcr die Verwaltung des Fernzugriffs und des Supports f\u00fcr Hardware und Software von Dell Technologies dient.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway Policy Manager ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0778 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0778.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0778 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0778"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-120 vom 2026-03-18",
        "url": "https://www.dell.com/support/kbdoc/de-de/000441138/dsa-2026-120-security-update-for-dell-secure-connect-gateway-policy-manager-multiple-third-party-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-152 vom 2026-03-23",
        "url": "https://www.dell.com/support/kbdoc/de-de/000443243/dsa-2026-152-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory",
        "url": "https://www.dell.com/support/kbdoc/en-us/000462117/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities-1"
      }
    ],
    "source_lang": "en-US",
    "title": "Dell Secure Connect Gateway Policy Manager: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-05-11T22:00:00.000+00:00",
      "generator": {
        "date": "2026-05-12T08:12:31.865+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0778",
      "initial_release_date": "2026-03-18T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-18T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-23T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-05-11T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.8.1.0-3.8.1.7",
                "product": {
                  "name": "Dell ECS 3.8.1.0-3.8.1.7",
                  "product_id": "T053778",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ECS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Policy Manager \u003c5.34.00.14",
                "product": {
                  "name": "Dell Secure Connect Gateway Policy Manager \u003c5.34.00.14",
                  "product_id": "T051894"
                }
              },
              {
                "category": "product_version",
                "name": "Policy Manager 5.34.00.14",
                "product": {
                  "name": "Dell Secure Connect Gateway Policy Manager 5.34.00.14",
                  "product_id": "T051894-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:secure_connect_gateway:policy_manager__5.34.00.14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c5.34.00.16",
                "product": {
                  "name": "Dell Secure Connect Gateway \u003c5.34.00.16",
                  "product_id": "T052048"
                }
              },
              {
                "category": "product_version",
                "name": "5.34.00.16",
                "product": {
                  "name": "Dell Secure Connect Gateway 5.34.00.16",
                  "product_id": "T052048-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:secure_connect_gateway:5.34.00.16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Secure Connect Gateway"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-8991",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2014-8991"
    },
    {
      "cve": "CVE-2015-2296",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2015-2296"
    },
    {
      "cve": "CVE-2019-6778",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2019-6778"
    },
    {
      "cve": "CVE-2020-10756",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2020-10756"
    },
    {
      "cve": "CVE-2020-13645",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2020-13645"
    },
    {
      "cve": "CVE-2020-1983",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2020-1983"
    },
    {
      "cve": "CVE-2020-24455",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2020-24455"
    },
    {
      "cve": "CVE-2020-25219",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2020-25219"
    },
    {
      "cve": "CVE-2020-26154",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2020-26154"
    },
    {
      "cve": "CVE-2020-29130",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2020-29130"
    },
    {
      "cve": "CVE-2021-3592",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2021-3592"
    },
    {
      "cve": "CVE-2021-3593",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2021-3593"
    },
    {
      "cve": "CVE-2021-3594",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2021-3594"
    },
    {
      "cve": "CVE-2021-3595",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2021-3595"
    },
    {
      "cve": "CVE-2022-40897",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2022-40897"
    },
    {
      "cve": "CVE-2023-22745",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2023-22745"
    },
    {
      "cve": "CVE-2023-5752",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2023-5752"
    },
    {
      "cve": "CVE-2024-25621",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2024-25621"
    },
    {
      "cve": "CVE-2024-29040",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2024-29040"
    },
    {
      "cve": "CVE-2024-6345",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2024-6345"
    },
    {
      "cve": "CVE-2025-10911",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-10911"
    },
    {
      "cve": "CVE-2025-11226",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-11226"
    },
    {
      "cve": "CVE-2025-11468",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-11468"
    },
    {
      "cve": "CVE-2025-11563",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-11563"
    },
    {
      "cve": "CVE-2025-11731",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-11731"
    },
    {
      "cve": "CVE-2025-12084",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-12084"
    },
    {
      "cve": "CVE-2025-12781",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-12781"
    },
    {
      "cve": "CVE-2025-1352",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-1352"
    },
    {
      "cve": "CVE-2025-13601",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-13601"
    },
    {
      "cve": "CVE-2025-1372",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-1372"
    },
    {
      "cve": "CVE-2025-1376",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-1376"
    },
    {
      "cve": "CVE-2025-1377",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-1377"
    },
    {
      "cve": "CVE-2025-13836",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-13836"
    },
    {
      "cve": "CVE-2025-13837",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-13837"
    },
    {
      "cve": "CVE-2025-14087",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-14087"
    },
    {
      "cve": "CVE-2025-14512",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-14512"
    },
    {
      "cve": "CVE-2025-15281",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-15281"
    },
    {
      "cve": "CVE-2025-15282",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-15282"
    },
    {
      "cve": "CVE-2025-15366",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-15366"
    },
    {
      "cve": "CVE-2025-15367",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-15367"
    },
    {
      "cve": "CVE-2025-15467",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-15467"
    },
    {
      "cve": "CVE-2025-24294",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-24294"
    },
    {
      "cve": "CVE-2025-28162",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-28162"
    },
    {
      "cve": "CVE-2025-28164",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-28164"
    },
    {
      "cve": "CVE-2025-31133",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-31133"
    },
    {
      "cve": "CVE-2025-3576",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-3576"
    },
    {
      "cve": "CVE-2025-47273",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-47273"
    },
    {
      "cve": "CVE-2025-52565",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-52565"
    },
    {
      "cve": "CVE-2025-52881",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-52881"
    },
    {
      "cve": "CVE-2025-53057",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-53057"
    },
    {
      "cve": "CVE-2025-53666",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-53666"
    },
    {
      "cve": "CVE-2025-54770",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-54770"
    },
    {
      "cve": "CVE-2025-54771",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-54771"
    },
    {
      "cve": "CVE-2025-54798",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-54798"
    },
    {
      "cve": "CVE-2025-55752",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-55752"
    },
    {
      "cve": "CVE-2025-59375",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-59375"
    },
    {
      "cve": "CVE-2025-6075",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-6075"
    },
    {
      "cve": "CVE-2025-61661",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61661"
    },
    {
      "cve": "CVE-2025-61662",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61662"
    },
    {
      "cve": "CVE-2025-61663",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61663"
    },
    {
      "cve": "CVE-2025-61664",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61664"
    },
    {
      "cve": "CVE-2025-61748",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61748"
    },
    {
      "cve": "CVE-2025-61795",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61795"
    },
    {
      "cve": "CVE-2025-61984",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61984"
    },
    {
      "cve": "CVE-2025-61985",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-61985"
    },
    {
      "cve": "CVE-2025-64329",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-64329"
    },
    {
      "cve": "CVE-2025-64505",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-64505"
    },
    {
      "cve": "CVE-2025-64506",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-64506"
    },
    {
      "cve": "CVE-2025-64720",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-64720"
    },
    {
      "cve": "CVE-2025-64756",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-64756"
    },
    {
      "cve": "CVE-2025-65018",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-65018"
    },
    {
      "cve": "CVE-2025-66035",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-66035"
    },
    {
      "cve": "CVE-2025-66293",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-66293"
    },
    {
      "cve": "CVE-2025-66412",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-66412"
    },
    {
      "cve": "CVE-2025-66614",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-66614"
    },
    {
      "cve": "CVE-2025-67721",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-67721"
    },
    {
      "cve": "CVE-2025-68160",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-68160"
    },
    {
      "cve": "CVE-2025-68973",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-68973"
    },
    {
      "cve": "CVE-2025-69418",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-69418"
    },
    {
      "cve": "CVE-2025-69419",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-69419"
    },
    {
      "cve": "CVE-2025-69420",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-69420"
    },
    {
      "cve": "CVE-2025-69421",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-69421"
    },
    {
      "cve": "CVE-2025-69873",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-69873"
    },
    {
      "cve": "CVE-2025-7039",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-7039"
    },
    {
      "cve": "CVE-2025-8291",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-8291"
    },
    {
      "cve": "CVE-2025-9187",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-9187"
    },
    {
      "cve": "CVE-2025-9820",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2025-9820"
    },
    {
      "cve": "CVE-2026-0672",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-0672"
    },
    {
      "cve": "CVE-2026-0861",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-0861"
    },
    {
      "cve": "CVE-2026-0865",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-0865"
    },
    {
      "cve": "CVE-2026-0915",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-0915"
    },
    {
      "cve": "CVE-2026-0988",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-0988"
    },
    {
      "cve": "CVE-2026-1484",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-1484"
    },
    {
      "cve": "CVE-2026-1485",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-1485"
    },
    {
      "cve": "CVE-2026-1489",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-1489"
    },
    {
      "cve": "CVE-2026-22610",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-22610"
    },
    {
      "cve": "CVE-2026-22695",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-22695"
    },
    {
      "cve": "CVE-2026-22795",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-22795"
    },
    {
      "cve": "CVE-2026-22796",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-22796"
    },
    {
      "cve": "CVE-2026-22801",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-22801"
    },
    {
      "cve": "CVE-2026-24734",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-24734"
    },
    {
      "cve": "CVE-2026-24882",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-24882"
    },
    {
      "cve": "CVE-2026-25646",
      "product_status": {
        "known_affected": [
          "T053778",
          "T051894",
          "T052048"
        ]
      },
      "release_date": "2026-03-18T23:00:00.000+00:00",
      "title": "CVE-2026-25646"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-67721 (GCVE-0-2025-67721)

Solutions

Solutions

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Summary

Details

Impact

Mitigation

Tags

Sightings

Nomenclature