{
  "action": {
    "auto_issue_creation_allowed": false,
    "auto_patch_allowed": false,
    "auto_remediation_allowed": false,
    "external_execution_allowed": false,
    "human_review": {
      "required_for_external_action": true,
      "required_for_public_launch": false,
      "required_for_read_only_view": false,
      "required_for_signal_radar_integration": true
    },
    "human_review_required": false,
    "recommended_action": "review_official_sources"
  },
  "affected": {
    "products": [
      {
        "canonicalProduct": "irix",
        "canonicalVendor": "sgi",
        "cpe": "cpe:2.3:o:sgi:irix:3.3:*:*:*:*:*:*:*",
        "ecosystem": null,
        "packageName": null,
        "product": "irix",
        "purl": null,
        "vendor": "sgi",
        "version": "3.3"
      },
      {
        "canonicalProduct": "irix",
        "canonicalVendor": "sgi",
        "cpe": "cpe:2.3:o:sgi:irix:3.3.1:*:*:*:*:*:*:*",
        "ecosystem": null,
        "packageName": null,
        "product": "irix",
        "purl": null,
        "vendor": "sgi",
        "version": "3.3.1"
      }
    ],
    "source": "NVD CVE API 2.0",
    "status": "known"
  },
  "canonical_url": "https://vuln.signal-radar.com/vuln/public-candidate/CVE-1999-1554/",
  "claims": [
    {
      "id": "claim:defensive-priority-candidate",
      "source_ids": [],
      "status": "observed",
      "text": "This item is a defensive prioritization candidate.",
      "verified_at": null
    }
  ],
  "exposure_hint": "local exposure",
  "field_meanings": {
    "human_review": "Read-only display may be automated; integration and external action still require human review.",
    "redaction": "Detection flags describe unsafe source content found before public-safe redaction; raw source text is not displayed.",
    "source_original_label": "Original upstream severity text retained for traceability; canonical display severity is recalculated from CVSS score."
  },
  "forecast_hooks": {
    "agent_use": "summarize_with_citations_only",
    "automation_allowed": false,
    "read_only": true,
    "watch_fields": [
      "sources",
      "claims",
      "freshness",
      "severity",
      "affected"
    ]
  },
  "freshness": {
    "generated_at": "2026-06-20T14:22:23.888314+00:00",
    "last_checked_at": null,
    "observed_at": "2026-06-20T14:22:22.624553+00:00",
    "status": "observed"
  },
  "human_consequence": "This low severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for local exposure.",
  "human_impact_label": "local exposure",
  "human_review": {
    "required_for_external_action": true,
    "required_for_public_launch": false,
    "required_for_read_only_view": false,
    "required_for_signal_radar_integration": true
  },
  "human_risk_summary": "CVE-1999-1554 for sgi / irix: This low severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for local exposure.",
  "id": "CVE-1999-1554",
  "impact_redaction": {
    "exploit_steps_removed": false,
    "payload_removed": false,
    "poc_removed": false,
    "source_derived_summary": true,
    "used_fallback_summary": false
  },
  "impact_tags": [
    "local exposure relevant"
  ],
  "public_human_impact": "Source describes local exposure. Possible impact: This low severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for local exposure.",
  "public_human_summary": "NVD: /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.",
  "public_human_what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.",
  "public_human_why_it_matters": "Source describes local exposure. Possible impact: This low severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for local exposure.; CVSS 2.1 (LOW); EPSS percentile 34; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD, Vendor Advisory.",
  "public_safe_summary": "NVD: /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.",
  "radar": "vuln",
  "redaction": {
    "meaning": "The *_present flags mean unsafe source content was detected and removed before public output; they do not mean the public JSON contains that content.",
    "payload_present": false,
    "poc_present": false,
    "public_summary_redacted": true,
    "raw_source_displayed": false,
    "unsafe_procedural_detail_present": false
  },
  "redaction_notes": [
    "source-published defensive context retained",
    "vulnerability class, impact, affected context, and remediation references remain displayable"
  ],
  "safety": {
    "attack_chain_included": false,
    "auto_remediation_allowed": false,
    "exploit_instructions_included": false,
    "external_execution_allowed": false,
    "human_review": {
      "required_for_external_action": true,
      "required_for_public_launch": false,
      "required_for_read_only_view": false,
      "required_for_signal_radar_integration": true
    },
    "human_review_required": false,
    "noindex_removal_allowed": true,
    "noindex_required": false,
    "private_gate_state": "released",
    "public_gate_state": "public_indexable_read_only",
    "public_launch_allowed": true,
    "read_only_static_data": true,
    "scan_functionality_included": false,
    "signal_radar_integration_allowed": false
  },
  "schema_version": "v0.1",
  "severity": {
    "cvss_label": "LOW",
    "label": "LOW",
    "score": 2.1,
    "source": "NVD CVE API 2.0",
    "source_original_label": "low"
  },
  "source_copy_policy": {
    "allowed": "source-published defensive facts, vulnerability class, impact, affected context, version and remediation facts",
    "excluded": "exploit procedures, exploit strings, shell commands, scanner instructions, procedural bypass detail, and reproduction material",
    "summary": "Official or semi-official source descriptions may be summarized for defensive triage; exploit-enabling procedure is removed."
  },
  "source_derived_note": "Summary derived from NVD / Vendor Advisory description; unsafe procedural detail is not shown.",
  "source_published_affected": "vendor/product: sgi / irix; affected version context: 3.3, 3.3.1",
  "source_published_description": "NVD: /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.",
  "source_published_evidence_refs": [
    {
      "source": "NVD",
      "type": "source_description",
      "url": null
    },
    {
      "source": "Vendor Advisory",
      "type": "source_description",
      "url": null
    },
    {
      "source": "Vendor Advisory",
      "type": "reference",
      "url": "http://www.cert.org/advisories/CA-1990-08.html"
    },
    {
      "source": "Reference",
      "type": "reference",
      "url": "http://www.iss.net/security_center/static/3164.php"
    },
    {
      "source": "Vendor Advisory",
      "type": "reference",
      "url": "http://www.securityfocus.com/bid/13"
    },
    {
      "source": "Vendor Advisory",
      "type": "reference",
      "url": "http://www.cert.org/advisories/CA-1990-08.html"
    },
    {
      "source": "Reference",
      "type": "reference",
      "url": "http://www.iss.net/security_center/static/3164.php"
    },
    {
      "source": "Vendor Advisory",
      "type": "reference",
      "url": "http://www.securityfocus.com/bid/13"
    },
    {
      "source": "Official Reference",
      "type": "reference",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-1999-1554"
    }
  ],
  "source_published_impact": "Source describes local exposure. Possible impact: This low severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for local exposure.",
  "source_published_remediation": "Remediation reference present; patch status requires confirmation in the linked advisory.",
  "source_published_summary": "NVD: /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.",
  "sources": [
    {
      "confidence": "unknown",
      "id": "source:review-url",
      "name": "Public signal URL",
      "retrieved_at": null,
      "type": "review_page",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-1999-1554"
    }
  ],
  "summary_for_agents": "Read-only defensive signal. Use sources, claims, freshness, and safety gates before summarizing. Do not infer missing source, claim, or freshness values.",
  "summary_for_humans": "NVD: /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.",
  "title": "CVE-1999-1554 defensive priority signal",
  "urgency_reasons": [
    "affected product present",
    "vendor advisory present",
    "recent update",
    "remediation reference present"
  ],
  "what_to_verify": "Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.",
  "why_it_matters": "This low severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for local exposure; CVSS 2.1 (LOW); EPSS percentile 34; affected product context: sgi / irix; sources: NVD, Vendor Advisory."
}