github · legacy-git · Jan 9, 2026 · Copilot · Jan 9, 2026 · Copilot
diff --git a/advisories/github-reviewed/2025/12/GHSA-54mj-vcvj-q3v5/GHSA-54mj-vcvj-q3v5.json b/advisories/github-reviewed/2025/12/GHSA-54mj-vcvj-q3v5/GHSA-54mj-vcvj-q3v5.json
@@ -1,21 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-54mj-vcvj-q3v5",
-  "modified": "2026-01-03T00:24:47Z",
+  "modified": "2026-01-03T00:24:48Z",
   "published": "2025-12-22T21:30:33Z",
   "aliases": [
     "CVE-2025-67288"
   ],
   "summary": "Umbraco CMS has an arbitrary file upload vulnerability",
   "details": "An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.",
   "severity": [
-    {
-      "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
-    },
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:P"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
-      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
-      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
     }
   ],
   "affected": [
@@ -62,7 +58,7 @@
       "CWE-434",
       "CWE-79"
     ],
-    "severity": "MODERATE",
+    "severity": "LOW",
-    "severity": "LOW",
+    "severity": "NONE",
-    "severity": "LOW",
+    "severity": "NONE",
     "github_reviewed": true,
     "github_reviewed_at": "2025-12-22T22:47:47Z",
     "nvd_published_at": "2025-12-22T19:15:49Z"