USN-8085-1
- Source
- https://ubuntu.com/security/notices/USN-8085-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8085-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-8085-1
- Upstream
- Related
- Published
- 2026-03-11T16:50:26Z
- Modified
- 2026-04-27T18:47:21.270812099Z
- Summary
- dotnet8, dotnet9, dotnet10 vulnerabilities
- Details
-
It was discovered that the .NET Microsoft.Bcl.Memory NuGet package did not properly handle certain malformed Base64Url encoded input. An attacker could possibly use this issue to cause .NET to crash, resulting in a denial of service. This issue only affected .NET 9.0 and .NET 10.0. (CVE-2026-26127)
Bartłomiej Dach discovered that .NET's SignalR server component did not properly manage resource consumption when processing certain messages. An attacker could possibly use this issue to exhaust internal buffers, resulting in a denial of service. (CVE-2026-26130)
- References
Affected packages
Ubuntu:22.04:LTS
dotnet8
Package
- Name
- dotnet8
- Purl
- pkg:deb/ubuntu/dotnet8@8.0.125-8.0.25-0ubuntu1~22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.125-8.0.25-0ubuntu1~22.04.1
Affected versions
8.*
8.0.102-8.0.2-0ubuntu1~22.04.1
8.0.103-8.0.3-0ubuntu1~22.04.1
8.0.103-8.0.3-0ubuntu1~22.04.2
8.0.105-8.0.5-0ubuntu1~22.04.1
8.0.107-8.0.7-0ubuntu1~22.04.1
8.0.108-8.0.8-0ubuntu1~22.04.1
8.0.110-8.0.10-0ubuntu1~22.04.1
8.0.111-8.0.11-0ubuntu1~22.04.1
8.0.112-8.0.12-0ubuntu1~22.04.1
8.0.114-8.0.14-0ubuntu1~22.04.1
8.0.115-8.0.15-0ubuntu1~22.04.1
8.0.116-8.0.16-0ubuntu1~22.04.1
8.0.117-8.0.17-0ubuntu1~22.04.1
8.0.118-8.0.18-0ubuntu1~22.04.1
8.0.119-8.0.19-0ubuntu1~22.04.1
8.0.120-8.0.20-0ubuntu1~22.04.1
8.0.121-8.0.21-0ubuntu1~22.04.1
8.0.122-8.0.22-0ubuntu1~22.04.1
8.0.123-8.0.23-0ubuntu1~22.04.1
8.0.124-8.0.24-0ubuntu1~22.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "aspnetcore-targeting-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-apphost-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-host-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-hostfxr-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-runtime-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-runtime-dbg-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-sdk-8.0",
"binary_version": "8.0.125-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-sdk-8.0-source-built-artifacts",
"binary_version": "8.0.125-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-sdk-dbg-8.0",
"binary_version": "8.0.125-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-targeting-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet-templates-8.0",
"binary_version": "8.0.125-0ubuntu1~22.04.1"
},
{
"binary_name": "dotnet8",
"binary_version": "8.0.125-8.0.25-0ubuntu1~22.04.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-8.0",
"binary_version": "8.0.125-0ubuntu1~22.04.1"
}
],
"availability": "No subscription required"
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8085-1.json"
cves_map
{
"ecosystem": "Ubuntu:22.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26130"
}
]
}
Ubuntu:24.04:LTS
dotnet10
Package
- Name
- dotnet10
- Purl
- pkg:deb/ubuntu/dotnet10@10.0.104-10.0.4-0ubuntu1~24.04.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.0.104-10.0.4-0ubuntu1~24.04.1
Affected versions
10.*
10.0.100-10.0.0-0ubuntu1~24.04.1
10.0.101-10.0.1-0ubuntu1~24.04.2
10.0.103-10.0.3-0ubuntu1~24.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "aspnetcore-targeting-pack-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-apphost-pack-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-host-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-hostfxr-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-runtime-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-runtime-dbg-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-10.0",
"binary_version": "10.0.104-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-10.0-source-built-artifacts",
"binary_version": "10.0.104-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-aot-10.0",
"binary_version": "10.0.104-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-dbg-10.0",
"binary_version": "10.0.104-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-targeting-pack-10.0",
"binary_version": "10.0.4-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-templates-10.0",
"binary_version": "10.0.104-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet10",
"binary_version": "10.0.104-10.0.4-0ubuntu1~24.04.1"
}
],
"availability": "No subscription required"
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8085-1.json"
cves_map
{
"ecosystem": "Ubuntu:24.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26127"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26130"
}
]
}
dotnet8
Package
- Name
- dotnet8
- Purl
- pkg:deb/ubuntu/dotnet8@8.0.125-8.0.25-0ubuntu1~24.04.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.125-8.0.25-0ubuntu1~24.04.1
Affected versions
8.*
8.0.100-8.0.0~rc1-0ubuntu1
8.0.100-8.0.0~rc2-0ubuntu1
8.0.100-8.0.0~rc2-0ubuntu2
8.0.100-8.0.0-0ubuntu1
8.0.100-8.0.0-0ubuntu2
8.0.101-8.0.1-0ubuntu1
8.0.101-8.0.1-0ubuntu2
8.0.102-8.0.2-0ubuntu1
8.0.103-8.0.3-0ubuntu2
8.0.103-8.0.3-0ubuntu3
8.0.104-8.0.4-0ubuntu1
8.0.105-8.0.5-0ubuntu1~24.04.1
8.0.107-8.0.7-0ubuntu1~24.04.1
8.0.108-8.0.8-0ubuntu1~24.04.1
8.0.108-8.0.8-0ubuntu1~24.04.2
8.0.110-8.0.10-0ubuntu1~24.04.1
8.0.111-8.0.11-0ubuntu1~24.04.1
8.0.112-8.0.12-0ubuntu1~24.04.1
8.0.114-8.0.14-0ubuntu1~24.04.1
8.0.115-8.0.15-0ubuntu1~24.04.1
8.0.116-8.0.16-0ubuntu1~24.04.1
8.0.117-8.0.17-0ubuntu1~24.04.1
8.0.118-8.0.18-0ubuntu1~24.04.1
8.0.119-8.0.19-0ubuntu1~24.04.1
8.0.120-8.0.20-0ubuntu1~24.04.1
8.0.121-8.0.21-0ubuntu1~24.04.1
8.0.122-8.0.22-0ubuntu1~24.04.1
8.0.123-8.0.23-0ubuntu1~24.04.1
8.0.124-8.0.24-0ubuntu1~24.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "aspnetcore-targeting-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-apphost-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-host-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-hostfxr-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-runtime-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-runtime-dbg-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-8.0",
"binary_version": "8.0.125-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-8.0-source-built-artifacts",
"binary_version": "8.0.125-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-sdk-dbg-8.0",
"binary_version": "8.0.125-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-targeting-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet-templates-8.0",
"binary_version": "8.0.125-0ubuntu1~24.04.1"
},
{
"binary_name": "dotnet8",
"binary_version": "8.0.125-8.0.25-0ubuntu1~24.04.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-8.0",
"binary_version": "8.0.125-0ubuntu1~24.04.1"
}
],
"availability": "No subscription required"
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8085-1.json"
cves_map
{
"ecosystem": "Ubuntu:24.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26127"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26130"
}
]
}
Ubuntu:25.10
dotnet10
Package
- Name
- dotnet10
- Purl
- pkg:deb/ubuntu/dotnet10@10.0.104-10.0.4-0ubuntu1~25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.0.104-10.0.4-0ubuntu1~25.10.1
Affected versions
10.*
10.0.100-10.0.0~rc1-0ubuntu1
10.0.100-10.0.0~rc2-0ubuntu1~25.10.2
10.0.100-10.0.0-0ubuntu1~25.10.1
10.0.101-10.0.1-0ubuntu1~25.10.2
10.0.103-10.0.3-0ubuntu1~25.10.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-targeting-pack-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-apphost-pack-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-host-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-hostfxr-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-dbg-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-10.0",
"binary_version": "10.0.104-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-10.0-source-built-artifacts",
"binary_version": "10.0.104-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-aot-10.0",
"binary_version": "10.0.104-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-dbg-10.0",
"binary_version": "10.0.104-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-targeting-pack-10.0",
"binary_version": "10.0.4-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-templates-10.0",
"binary_version": "10.0.104-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet10",
"binary_version": "10.0.104-10.0.4-0ubuntu1~25.10.1"
}
],
"availability": "No subscription required"
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8085-1.json"
cves_map
{
"ecosystem": "Ubuntu:25.10",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26127"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26130"
}
]
}
dotnet8
Package
- Name
- dotnet8
- Purl
- pkg:deb/ubuntu/dotnet8@8.0.125-8.0.25-0ubuntu1~25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.125-8.0.25-0ubuntu1~25.10.1
Affected versions
8.*
8.0.115-8.0.15-0ubuntu1
8.0.116-8.0.16-0ubuntu1
8.0.117-8.0.17-0ubuntu1
8.0.118-8.0.18-0ubuntu1
8.0.119-8.0.19-0ubuntu1
8.0.120-8.0.20-0ubuntu1
8.0.121-8.0.21-0ubuntu1~25.10.1
8.0.122-8.0.22-0ubuntu1~25.10.1
8.0.123-8.0.23-0ubuntu1~25.10.1
8.0.124-8.0.24-0ubuntu1~25.10.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-targeting-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-apphost-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-host-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-hostfxr-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-dbg-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-8.0",
"binary_version": "8.0.125-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-8.0-source-built-artifacts",
"binary_version": "8.0.125-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-dbg-8.0",
"binary_version": "8.0.125-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-targeting-pack-8.0",
"binary_version": "8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-templates-8.0",
"binary_version": "8.0.125-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet8",
"binary_version": "8.0.125-8.0.25-0ubuntu1~25.10.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-8.0",
"binary_version": "8.0.125-0ubuntu1~25.10.1"
}
],
"availability": "No subscription required"
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8085-1.json"
cves_map
{
"ecosystem": "Ubuntu:25.10",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26127"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26130"
}
]
}
dotnet9
Package
- Name
- dotnet9
- Purl
- pkg:deb/ubuntu/dotnet9@9.0.115-9.0.14-0ubuntu1~25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.0.115-9.0.14-0ubuntu1~25.10.1
Affected versions
9.*
9.0.105-9.0.4-0ubuntu1
9.0.106-9.0.5-0ubuntu1
9.0.107-9.0.6-0ubuntu1
9.0.108-9.0.7-0ubuntu1
9.0.109-9.0.8-0ubuntu1
9.0.110-9.0.9-0ubuntu1
9.0.111-9.0.10-0ubuntu1~25.10.1
9.0.112-9.0.11-0ubuntu1~25.10.1
9.0.113-9.0.12-0ubuntu1~25.10.1
9.0.114-9.0.13-0ubuntu1~25.10.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "aspnetcore-runtime-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-runtime-dbg-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "aspnetcore-targeting-pack-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-apphost-pack-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-host-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-hostfxr-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-runtime-dbg-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-9.0",
"binary_version": "9.0.115-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-9.0-source-built-artifacts",
"binary_version": "9.0.115-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-aot-9.0",
"binary_version": "9.0.115-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-sdk-dbg-9.0",
"binary_version": "9.0.115-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-targeting-pack-9.0",
"binary_version": "9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet-templates-9.0",
"binary_version": "9.0.115-0ubuntu1~25.10.1"
},
{
"binary_name": "dotnet9",
"binary_version": "9.0.115-9.0.14-0ubuntu1~25.10.1"
},
{
"binary_name": "netstandard-targeting-pack-2.1-9.0",
"binary_version": "9.0.115-0ubuntu1~25.10.1"
}
],
"availability": "No subscription required"
}Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8085-1.json"
cves_map
{
"ecosystem": "Ubuntu:25.10",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26127"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2026-26130"
}
]
}