CLEANSTART-2026-JK47870

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-JK47870.json
JSON Data
https://api.osv.dev/v1/vulns/CLEANSTART-2026-JK47870
Upstream
  • CVE-2026-1225
  • ghsa-6rw7-vpxm-498p
  • ghsa-73rr-hh4g-fpgx
  • ghsa-8qq5-rm4j-mr97
  • ghsa-wqch-xfxh-vrr4
Published
2026-04-01T09:49:35.155892Z
Modified
2026-04-01T18:48:58.370129Z
Summary
Security fixes for CVE-2025-66614, CVE-2026-1225, CVE-2026-24281, CVE-2026-24308, CVE-2026-24733, ghsa-6rw7-vpxm-498p, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-wqch-xfxh-vrr4 applied in versions: 4.2.1.1-r1, 4.3.1-r0
Details

Multiple security vulnerabilities affect the thingsboard package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / thingsboard

Package

Name
thingsboard

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.3.1-r0

Database specific

source 
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-JK47870.json"