What is GHSA-22vq-6hm4-vrwc?

GHSA-22vq-6hm4-vrwc is a security advisory published by GitHub Security Advisories with Medium severity. When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the...

Which CVE IDs does GHSA-22vq-6hm4-vrwc cover?

GHSA-22vq-6hm4-vrwc covers the following CVE IDs: CVE-2026-48134. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-22vq-6hm4-vrwc?

GHSA-22vq-6hm4-vrwc has a CVSS v3 base score of 5.6, published by GitHub Security Advisories.

GHSA-22vq-6hm4-vrwcMediumCVSS 5.6

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2026-48134 →

📋 Description

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to disruptions such as loss of stored incident entries, incorrect handling of pending approvals, or resource impact if the issue is abused repeatedly. Exposure is reduced if the UserCheck Portal is not accessible from untrusted networks.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-48134
https://support.checkpoint.com/results/sk/sk184983
https://github.com/advisories/GHSA-22vq-6hm4-vrwc