rubysec · jasnow · May 12, 2026
diff --git a/gems/activestorage/CVE-2026-33658.yml b/gems/activestorage/CVE-2026-33658.yml
@@ -14,6 +14,7 @@ description: |
   ranges in an HTTP Range header. A request with thousands of small
   ranges causes disproportionate CPU usage compared to a normal
   request for the same file, possibly resulting in a DoS vulnerability.
+cvss_v3: 6.5
 patched_versions:
   - "~> 7.2.3, >= 7.2.3.1"
   - "~> 8.0.4, >= 8.0.4.1"

diff --git a/gems/camaleon_cms/CVE-2026-1776.yml b/gems/camaleon_cms/CVE-2026-1776.yml
@@ -20,6 +20,7 @@ description: |
   access sensitive files such as /etc/passwd. This issue represents a
   bypass of the incomplete fix for CVE-2024-46987 and affects
   deployments using the AWS S3 storage backend.
+cvss_v3: 6.5
 cvss_v4: 6.0
 unaffected_versions:
   - "< 2.4.5.0"

diff --git a/gems/decidim-core/CVE-2026-23891.yml b/gems/decidim-core/CVE-2026-23891.yml
@@ -31,6 +31,7 @@ description: |
   [octree](https://octree.ch/) and made by
   [Secu Labs](https://seculabs.ch/) against Decidim financed
   by the city of Lausanne (Switzerland).
+cvss_v3: 8.7
 patched_versions:
   - "~> 0.30.5"
   - ">= 0.31.1"

diff --git a/gems/uri/CVE-2025-61594.yml b/gems/uri/CVE-2025-61594.yml
@@ -29,6 +29,7 @@ description: |
 
   Thanks to junfuchong (chongfujun) for discovering this issue.
   Also thanks to nobu for additional fixes of this vulnerability.
+cvss_v3: 7.5
 patched_versions:
   - "~> 0.12.5"
   - "~> 0.13.3"