Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit d2e30d1b2c77 · 2026-03-29T21:32:27.000Z
GHSA-3wfw-pwxc-r3x9 GHSA-q2q4-jjp8-f6m3
diff --git a/advisories/unreviewed/2026/03/GHSA-3wfw-pwxc-r3x9/GHSA-3wfw-pwxc-r3x9.json b/advisories/unreviewed/2026/03/GHSA-3wfw-pwxc-r3x9/GHSA-3wfw-pwxc-r3x9.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3wfw-pwxc-r3x9",
+  "modified": "2026-03-29T21:30:21Z",
+  "published": "2026-03-29T21:30:21Z",
+  "aliases": [
+    "CVE-2026-4946"
+  ],
+  "details": "Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation (which is intended for trusted, user-authored comments) is also parsed in comments generated during auto-analysis (such as CFStrings in Mach-O binaries). This allows a crafted binary to present seemingly benign clickable text which, when clicked, executes attacker-controlled commands on the analyst’s machine.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-mc3p-mq2p-xw6v"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4946"
+    },
+    {
+      "type": "WEB",
+      "url": "https://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-78"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-29T20:16:12Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/03/GHSA-q2q4-jjp8-f6m3/GHSA-q2q4-jjp8-f6m3.json b/advisories/unreviewed/2026/03/GHSA-q2q4-jjp8-f6m3/GHSA-q2q4-jjp8-f6m3.json
@@ -0,0 +1,49 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-q2q4-jjp8-f6m3",
+  "modified": "2026-03-29T21:30:21Z",
+  "published": "2026-03-29T21:30:21Z",
+  "aliases": [
+    "CVE-2026-4176"
+  ],
+  "details": "Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib.\n\nCompress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of zlib which has several vulnerabilities, including CVE-2026-27171. The bundled Compress::Raw::Zlib was updated to version 2.221 in Perl blead commit c75ae9cc164205e1b6d6dbd57bd2c65c8593fe94.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4176"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/Perl/perl5/commit/c75ae9cc164205e1b6d6dbd57bd2c65c8593fe94"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.security.metacpan.org/cve-announce/msg/37638919"
+    },
+    {
+      "type": "WEB",
+      "url": "https://metacpan.org/release/PMQS/Compress-Raw-Zlib-2.221/source/Changes"
+    },
+    {
+      "type": "WEB",
+      "url": "https://metacpan.org/release/SHAY/perl-5.40.4/changes"
+    },
+    {
+      "type": "WEB",
+      "url": "https://metacpan.org/release/SHAY/perl-5.42.2/changes"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3381"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-03-29T21:16:15Z"
+  }
+}
