Skip to content

Add missing CWE IDs to GHSA-4jqp-9qjv-57m2#6808

Open
DeadManOfficial wants to merge 1 commit intogithub:DeadManOfficial/advisory-improvement-6808from
DeadManOfficial:improve-GHSA-4jqp-9qjv-57m2
Open

Add missing CWE IDs to GHSA-4jqp-9qjv-57m2#6808
DeadManOfficial wants to merge 1 commit intogithub:DeadManOfficial/advisory-improvement-6808from
DeadManOfficial:improve-GHSA-4jqp-9qjv-57m2

Conversation

@DeadManOfficial
Copy link

@DeadManOfficial DeadManOfficial commented Feb 8, 2026

Summary

  • Added CWE-306 (Missing Authentication for Critical Function) and CWE-287 (Improper Authentication) to the cwe_ids field

Details

The advisory summary for CVE-2026-1709 (Keylime registrar mTLS bypass) references both Missing Authentication for Critical Function and Improper Authentication, but the cwe_ids array was empty. This PR adds the correct CWE mappings.

@DeadManOfficial
Add missing CWE IDs to GHSA-4jqp-9qjv-57m2
21732ee 
The advisory summary references Missing Authentication for Critical
Function (CWE-306) and Improper Authentication (CWE-287) but the
cwe_ids field was empty. Added both CWEs to match the described
vulnerability.
@github-actions github-actions bot changed the base branch from main to DeadManOfficial/advisory-improvement-6808 February 8, 2026 04:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DeadManOfficial