Publish Advisories

GHSA-29mf-95fh-hwxf
GHSA-3p66-hvjq-gcvr
GHSA-95m4-fmhv-g399
GHSA-974q-2m48-3288

Author: advisory-database[bot]

advisories/unreviewed/2026/03/GHSA-29mf-95fh-hwxf/GHSA-29mf-95fh-hwxf.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-29mf-95fh-hwxf",
+  "modified": "2026-03-22T00:30:28Z",
+  "published": "2026-03-22T00:30:28Z",
+  "aliases": [
+    "CVE-2026-4528"
+  ],
+  "details": "A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of the file packages/server/src/service/proxy/http_proxy.service.ts of the component URL Validation Handler. This manipulation causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4528"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.352316"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.352316"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.784197"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.notion.so/Server-Side-Request-Forgery-SSRF-in-ApiFlow-329ea92a3c4180489df2fa2702078fe5"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-918"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-21T22:16:20Z"
+  }
+}

advisories/unreviewed/2026/03/GHSA-3p66-hvjq-gcvr/GHSA-3p66-hvjq-gcvr.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3p66-hvjq-gcvr",
+  "modified": "2026-03-22T00:30:28Z",
+  "published": "2026-03-22T00:30:28Z",
+  "aliases": [
+    "CVE-2026-4530"
+  ],
+  "details": "A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminology_retriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4530"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/Ka7arotto/cve/blob/main/Aix-DB-nl2sql.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.352318"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.352318"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.774072"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-22T00:16:06Z"
+  }
+}

advisories/unreviewed/2026/03/GHSA-95m4-fmhv-g399/GHSA-95m4-fmhv-g399.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-95m4-fmhv-g399",
+  "modified": "2026-03-22T00:30:28Z",
+  "published": "2026-03-22T00:30:28Z",
+  "aliases": [
+    "CVE-2026-4529"
+  ],
+  "details": "A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4529"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dhp1320-dlink"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.352317"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.352317"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.773932"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.dlink.com"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-119"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-21T23:16:51Z"
+  }
+}

advisories/unreviewed/2026/03/GHSA-974q-2m48-3288/GHSA-974q-2m48-3288.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-974q-2m48-3288",
+  "modified": "2026-03-22T00:30:28Z",
+  "published": "2026-03-22T00:30:28Z",
+  "aliases": [
+    "CVE-2026-3629"
+  ],
+  "details": "The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The 'get_restricted_fields' method does not include sensitive meta keys such as 'wp_capabilities'. This makes it possible for unauthenticated attackers to escalate their privileges to Administrator by submitting a crafted registration request that sets the 'wp_capabilities' meta key. The vulnerability can only be exploited if the \"Show fields in profile\" setting is enabled and a CSV with a wp_capabilities column header has been previously imported.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3629"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/1.29.7/classes/columns.php#L193"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/1.29.7/classes/columns.php#L217"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/import-users-from-csv-with-meta/tags/1.29.7/classes/helper.php#L146"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3483330/import-users-from-csv-with-meta#file37"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48dd9098-38e6-49da-8d22-27e12fddef51?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-269"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-21T23:16:51Z"
+  }
+}