Auto-Update: 2025-04-27T20:00:20.590710+00:00

2025-07-11 16:13:34 +00:00 · 2025-04-27 20:04:00 +00:00 · 2025-04-27 20:04:00 +00:00 · 3cf5f0ba06
commit 3cf5f0ba06
parent 2a59ef5f95
7 changed files with 656 additions and 13 deletions
--- a/CVE-2025/CVE-2025-28xx/CVE-2025-2866.json
+++ b/CVE-2025/CVE-2025-28xx/CVE-2025-2866.json
@ -0,0 +1,78 @@
+{
+  "id": "CVE-2025-2866",
+  "sourceIdentifier": "security@documentfoundation.org",
+  "published": "2025-04-27T19:15:15.137",
+  "lastModified": "2025-04-27T19:15:15.137",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation.\n\n\n\n\nIn the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid\n\n\n\n\nThis issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "security@documentfoundation.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 2.4,
+          "baseSeverity": "LOW",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "PASSIVE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "LOW",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@documentfoundation.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-347"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866",
+      "source": "security@documentfoundation.org"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-39xx/CVE-2025-3979.json
+++ b/CVE-2025/CVE-2025-39xx/CVE-2025-3979.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-3979",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-27T18:15:16.020",
+  "lastModified": "2025-04-27T18:15:16.020",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "PASSIVE",
+          "vulnConfidentialityImpact": "NONE",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+          "baseScore": 5.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 10.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/dtwin88/cve-md/blob/main/lecms%20V3.0.3/lecms_3.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.306315",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.306315",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.557787",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-39xx/CVE-2025-3980.json
+++ b/CVE-2025/CVE-2025-39xx/CVE-2025-3980.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-3980",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-27T18:15:16.237",
+  "lastModified": "2025-04-27T18:15:16.237",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as problematic was found in wowjoy \u6d59\u6c5f\u6e56\u5dde\u534e\u5353\u4fe1\u606f\u79d1\u6280\u6709\u9650\u516c\u53f8 Internet Doctor Workstation System 1.0. This vulnerability affects unknown code of the file /v1/prescription/list. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-266"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-285"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/38279/3/issues/1",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.306316",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.306316",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.557930",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-39xx/CVE-2025-3981.json
+++ b/CVE-2025/CVE-2025-39xx/CVE-2025-3981.json
@ -0,0 +1,137 @@
+{
+  "id": "CVE-2025-3981",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-27T19:15:15.750",
+  "lastModified": "2025-04-27T19:15:15.750",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, has been found in wowjoy \u6d59\u6c5f\u6e56\u5dde\u534e\u5353\u4fe1\u606f\u79d1\u6280\u6709\u9650\u516c\u53f8 Internet Doctor Workstation System 1.0. This issue affects some unknown processing of the file /v1/prescription/details/. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "NONE",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-266"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-285"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/38279/3/issues/1",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.306317",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.306317",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-39xx/CVE-2025-3982.json
+++ b/CVE-2025/CVE-2025-39xx/CVE-2025-3982.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-3982",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-04-27T19:15:15.923",
+  "lastModified": "2025-04-27T19:15:15.923",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0. Affected is the function SvSetPropNodeMK2 of the file sverchok/nodes/object_nodes/getsetprop_mk2.py of the component Set Property Mk2 Node. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "NONE",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-1321"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://gist.github.com/superboy-zjc/a31b8ea7466f91b437598297bf5cbce8",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.306318",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.306318",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.557411",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-04-27T18:00:19.999791+00:00
+2025-04-27T20:00:20.590710+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-04-27T17:15:16.193000+00:00
+2025-04-27T19:15:15.923000+00:00
 ```

 ### Last Data Feed Release
@ -33,18 +33,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-291527
+291532
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `5`

- [CVE-2025-3975](CVE-2025/CVE-2025-39xx/CVE-2025-3975.json) (`2025-04-27T16:15:15.260`)
- [CVE-2025-3976](CVE-2025/CVE-2025-39xx/CVE-2025-3976.json) (`2025-04-27T16:15:15.433`)
- [CVE-2025-3977](CVE-2025/CVE-2025-39xx/CVE-2025-3977.json) (`2025-04-27T17:15:15.853`)
- [CVE-2025-3978](CVE-2025/CVE-2025-39xx/CVE-2025-3978.json) (`2025-04-27T17:15:16.030`)
- [CVE-2025-46657](CVE-2025/CVE-2025-466xx/CVE-2025-46657.json) (`2025-04-27T16:15:15.613`)
+- [CVE-2025-2866](CVE-2025/CVE-2025-28xx/CVE-2025-2866.json) (`2025-04-27T19:15:15.137`)
+- [CVE-2025-3979](CVE-2025/CVE-2025-39xx/CVE-2025-3979.json) (`2025-04-27T18:15:16.020`)
+- [CVE-2025-3980](CVE-2025/CVE-2025-39xx/CVE-2025-3980.json) (`2025-04-27T18:15:16.237`)
+- [CVE-2025-3981](CVE-2025/CVE-2025-39xx/CVE-2025-3981.json) (`2025-04-27T19:15:15.750`)
+- [CVE-2025-3982](CVE-2025/CVE-2025-39xx/CVE-2025-3982.json) (`2025-04-27T19:15:15.923`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -288215,6 +288215,7 @@ CVE-2025-2862,0,0,d42da37ae120383972bca9b3c34491a1998bf94496751edff9d3b8653ccd4e
 CVE-2025-2863,0,0,89f439925468e699ad113743583fdeda2696a66656c397c031b5ea7d3d0ecb34,2025-03-28T18:11:40.180000
 CVE-2025-2864,0,0,1f66654aa924832c01c946b8c047f8723266750dca2c13c7a67536d81d107cad,2025-03-28T18:11:40.180000
 CVE-2025-2865,0,0,ec0c359364e90a26d27d62ffa0653d855c3daf1b4b8f1b737e51327fd1068f74,2025-03-28T18:11:40.180000
+CVE-2025-2866,1,1,a0631665854b2b3f2e4f1a55f988ff5c6e9e21c9cfe567f91b12861ab98a9126,2025-04-27T19:15:15.137000
 CVE-2025-2867,0,0,64215baabccd6fdf04d8b048452d95e3b2ff4d5237bc2e15b566982b293865f3,2025-03-27T16:45:12.210000
 CVE-2025-2868,0,0,8956298391ba0923e590541b3fae1d38dc061830ea826ef81d09ab51842ff44b,2025-03-28T18:11:40.180000
 CVE-2025-2869,0,0,c096e0a3f8c1567897f984075f9b7eae7e0b2ff1c1febfd4a8d8f0861bac0208,2025-03-28T18:11:40.180000
@ -291266,12 +291267,16 @@ CVE-2025-39728,0,0,1aabeb48c74961651a085e70675ac1fbb7850a26c8e3690479606fce3eed8
 CVE-2025-3973,0,0,7185a71a7968bab05d8a7ab2de6648dc249e6a8df96171e643478fc72e2bd846,2025-04-27T15:15:15.577000
 CVE-2025-39735,0,0,685f7725750b068bcf70f45c9b43584f95555d2cf42375499465209022c1892a,2025-04-21T14:23:45.950000
 CVE-2025-3974,0,0,cc88a5551cfeb7a6ea2c180ac6862f1a69f07ceda7e1534a180ace6214ee67cb,2025-04-27T15:15:15.750000
-CVE-2025-3975,1,1,ccd2090e0033c3182f35c42461c91b7420600b4065a04085380e97e54751f7a5,2025-04-27T16:15:15.260000
+CVE-2025-3975,0,0,ccd2090e0033c3182f35c42461c91b7420600b4065a04085380e97e54751f7a5,2025-04-27T16:15:15.260000
 CVE-2025-39755,0,0,1f38e61cb827ac50879084bd3bf4c59efb9767371f960520c29d85a66c57d533,2025-04-21T14:23:45.950000
-CVE-2025-3976,1,1,13905d0f00709e6872151e7ad1b1a6c91b55e9419f2a701304870aa7e8e601fd,2025-04-27T16:15:15.433000
-CVE-2025-3977,1,1,5e645294bea4f955dbd0c8bfe2e4d659f8a6cbaeaef4d07a6abec039717e4035,2025-04-27T17:15:15.853000
+CVE-2025-3976,0,0,13905d0f00709e6872151e7ad1b1a6c91b55e9419f2a701304870aa7e8e601fd,2025-04-27T16:15:15.433000
+CVE-2025-3977,0,0,5e645294bea4f955dbd0c8bfe2e4d659f8a6cbaeaef4d07a6abec039717e4035,2025-04-27T17:15:15.853000
 CVE-2025-39778,0,0,fe7c9bb969991c6f8bd7e817623bae52cecda002e042590bfe971c7c81dc9221,2025-04-21T14:23:45.950000
-CVE-2025-3978,1,1,2ae726000475a1877b6d2b2bc2bce0aefd6ddc7a5b797a2eec055d71b6e4c1a9,2025-04-27T17:15:16.030000
+CVE-2025-3978,0,0,2ae726000475a1877b6d2b2bc2bce0aefd6ddc7a5b797a2eec055d71b6e4c1a9,2025-04-27T17:15:16.030000
+CVE-2025-3979,1,1,f4d2791ebc027f4f4851dce9ea15411bb525aa09eceed7cb069e5ffd2cf0f1ab,2025-04-27T18:15:16.020000
+CVE-2025-3980,1,1,c60e8fd71f58158175a8f0778b502b82e82edff0ca359aaa3a416b667c30a069,2025-04-27T18:15:16.237000
+CVE-2025-3981,1,1,e00538d9c56dd754fe25e8b3e5c7f162e04e282f768ed8abdbece459893339eb,2025-04-27T19:15:15.750000
+CVE-2025-3982,1,1,4f8f549d1d80deb736d2fa8a9bf8c95ff99706664721ec9ea5e797ffff0b5328,2025-04-27T19:15:15.923000
 CVE-2025-39930,0,0,42a6955cb0fac1dbd2e5441fb532d9f28b1aaca2d877ee160dbbe720b8efb409,2025-04-21T14:23:45.950000
 CVE-2025-39989,0,0,0cc48b7ef86c29cf020b5aeed708c2666289505a450cbef1f0919638b4d7450b,2025-04-21T14:23:45.950000
 CVE-2025-40014,0,0,cd080bf4e4d482813f829913b5bcdc82f102b28a1076dcf4e2daf085d68110b7,2025-04-21T14:23:45.950000
@ -291521,7 +291526,7 @@ CVE-2025-46653,0,0,ef2c2588ef89c2be60dffff5cf2fbf7f6b584e234cba5660dbff8aaa5fdfd
 CVE-2025-46654,0,0,572c4d63fa2f8afca64ec12e1381813d160fa2c2ee84d4e0448e47cdcd412a94,2025-04-26T21:15:15.100000
 CVE-2025-46655,0,0,a9f672e75f586721e3ec47d88a24167a5da40f45a10ccbe0303bfb6061c72944,2025-04-26T21:15:15.260000
 CVE-2025-46656,0,0,696b18d293f3e47530d9a462ec4dcce6fe7c7473fa83e2a90e8336464b46aa30,2025-04-26T22:15:17.260000
-CVE-2025-46657,1,1,61b5714a3945d18f5b1028d9d01f06343b4f515928a414fd8f4acc9db2248fff,2025-04-27T17:15:16.193000
+CVE-2025-46657,0,0,61b5714a3945d18f5b1028d9d01f06343b4f515928a414fd8f4acc9db2248fff,2025-04-27T17:15:16.193000
 CVE-2025-46672,0,0,a515f04f2684525b908fbd5bf52c62317ae3f104cec7ce6d3fbe0f544f2f50f4,2025-04-27T01:15:44.327000
 CVE-2025-46673,0,0,b4b185c7af04fb38cea193788026d34ee5cbd860f38177d871857854e4306632,2025-04-27T01:15:44.477000
 CVE-2025-46674,0,0,46444152edd713c1307e6ccc5d1033b322cbe1d07cb6f10dea38fc2301d3d28e,2025-04-27T01:15:44.623000