{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24402", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "REJECTED", "dateReserved": "2026-01-22T18:19:49.172Z", "dateUpdated": "2026-01-24T00:27:07.708Z", "dateRejected": "2026-01-24T00:27:07.708Z", "assignerShortName": "GitHub_M"}, "containers": {"cna": {"providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-24T00:27:07.708Z"}, "rejectedReasons": [{"lang": "en", "value": "GitHub cannot issue a CVE for this Security Advisory because this advisory includes information about more than one vulnerability.\r\n\r\nAccording to [rule 4.2.11 of the CVE CNA rules](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_4-2_CVE_ID_Assignment):\r\n\r\n> 4.2.6 CNAs SHOULD assign different CVE IDs to separate Vulnerabilities, as determined using the guidance in [4.1](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_4-1_Vulnerability_Determination).\r\n\r\n> 4.2.11 CNAs SHOULD assign different CVE IDs to different, Independently Fixable Vulnerabilities.\r\n\r\nYou can move forward in one of two ways:\r\n\r\n- If you agree that this Security Advisory concerns more than one independently fixable vulnerability, split each vulnerability into its own advisory and request one CVE for each vulnerability.\r\n- If you do not agree that these vulnerabilities are independently fixable, resubmit the CVE request with a section clarifying how they are dependent and should have the same CVE.\r\n\r\nThank you for making the open source ecosystem more secure by fixing and responsibly disclosing these vulnerabilities."}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: GitHub cannot issue a CVE for this Security Advisory because this advisory includes information about more than one vulnerability.\r\n\r\nAccording to [rule 4.2.11 of the CVE CNA rules](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_4-2_CVE_ID_Assignment):\r\n\r\n> 4.2.6 CNAs SHOULD assign different CVE IDs to separate Vulnerabilities, as determined using the guidance in [4.1](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_4-1_Vulnerability_Determination).\r\n\r\n> 4.2.11 CNAs SHOULD assign different CVE IDs to different, Independently Fixable Vulnerabilities.\r\n\r\nYou can move forward in one of two ways:\r\n\r\n- If you agree that this Security Advisory concerns more than one independently fixable vulnerability, split each vulnerability into its own advisory and request one CVE for each vulnerability.\r\n- If you do not agree that these vulnerabilities are independently fixable, resubmit the CVE request with a section clarifying how they are dependent and should have the same CVE.\r\n\r\nThank you for making the open source ecosystem more secure by fixing and responsibly disclosing these vulnerabilities."}], "id": "CVE-2026-24402", "lastModified": "2026-01-24T01:15:50.543", "metrics": {}, "published": "2026-01-24T01:15:50.543", "references": [], "sourceIdentifier": "[email protected]", "vulnStatus": "Rejected"}

{}