{"data":{"id":"083ba73b-7c18-4713-ba9f-fc7049816570","title":"GHSA-ppfx-73j5-fhxc: Skill-scanner Unsecured Network Binding Vulnerability","summary":"Skill-scanner versions 1.0.1 and earlier have a vulnerability in their API Server (a network interface that lets external programs communicate with the software) where the server is incorrectly exposed to multiple network interfaces without proper authentication. An attacker could send requests to this server to cause a denial of service attack (making it unavailable by exhausting its resources) or upload files to unintended locations on the device.","solution":"Update to Skill-scanner version 1.0.2 or later, which contains the fix for this vulnerability.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-ppfx-73j5-fhxc","publishedAt":"2026-02-17T18:55:39.000Z","cveId":"CVE-2026-26057","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":["cisco-ai-skill-scanner@< 1.0.2 (fixed: 1.0.2)"],"affectedVendors":[],"affectedVendorsRaw":["Cisco","Skill-scanner"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00059,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability","integrity"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.72,"researchCategory":null,"atlasIds":null}}