[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 24 20:13:46 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4b2cf769 by security tracker role at 2026-04-24T19:13:39+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,10 +1,412 @@
-CVE-2026-40466
+CVE-2026-6912 (Improperly controlled modification of dynamically-determined object at ...)
+ TODO: check
+CVE-2026-6911 (Missing JWT signature verification in AWS Ops Wheel allows unauthentic ...)
+ TODO: check
+CVE-2026-6272 (A client holding only a read JWT scope can still register itself as a ...)
+ TODO: check
+CVE-2026-6043 (P4 Server versions prior to 2026.1 are configured with insecure defaul ...)
+ TODO: check
+CVE-2026-4313 (AdaptiveGRC is vulnerable to Stored XSS via text type fields across th ...)
+ TODO: check
+CVE-2026-4078 (The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
+ TODO: check
+CVE-2026-42095 (bookserver in KDE Arianna before 26.04.1 allows attackers to read file ...)
+ TODO: check
+CVE-2026-42044 (Axios is a promise based HTTP client for the browser and Node.js. From ...)
+ TODO: check
+CVE-2026-42043 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42042 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42041 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42040 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42039 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42038 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42037 (Axios is a promise based HTTP client for the browser and Node.js. From ...)
+ TODO: check
+CVE-2026-42036 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42035 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42034 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-42033 (Axios is a promise based HTTP client for the browser and Node.js. Prio ...)
+ TODO: check
+CVE-2026-41907 (uuid is for the creation of RFC9562 (formerly RFC4122) UUIDs. Prior to ...)
+ TODO: check
+CVE-2026-41898 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
+ TODO: check
+CVE-2026-41681 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
+ TODO: check
+CVE-2026-41680 (Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1, a cri ...)
+ TODO: check
+CVE-2026-41678 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
+ TODO: check
+CVE-2026-41677 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
+ TODO: check
+CVE-2026-41676 (rust-openssl provides OpenSSL bindings for the Rust programming langua ...)
+ TODO: check
+CVE-2026-41492 (Dgraph is an open source distributed GraphQL database. Prior to 25.3.3 ...)
+ TODO: check
+CVE-2026-41416 (PJSIP is a free and open source multimedia communication library writt ...)
+ TODO: check
+CVE-2026-41415 (PJSIP is a free and open source multimedia communication library writt ...)
+ TODO: check
+CVE-2026-41414 (Skim is a fuzzy finder designed to through files, lines, and commands. ...)
+ TODO: check
+CVE-2026-41411 (Vim is an open source, command line text editor. Prior to 9.2.0357, A ...)
+ TODO: check
+CVE-2026-41328 (Dgraph is an open source distributed GraphQL database. Prior to 25.3.3 ...)
+ TODO: check
+CVE-2026-41327 (Dgraph is an open source distributed GraphQL database. Prior to 25.3.3 ...)
+ TODO: check
+CVE-2026-41322 (@astrojs/node allows Astro to deploy your SSR site to Node targets. Pr ...)
+ TODO: check
+CVE-2026-41321 (@astrojs/cloudflare is an SSR adapter for use with Cloudflare Workers ...)
+ TODO: check
+CVE-2026-41140 (Poetry is a dependency manager for Python. Prior to 2.3.4, the extract ...)
+ TODO: check
+CVE-2026-41079 (OpenPrinting CUPS is an open source printing system for Linux and othe ...)
+ TODO: check
+CVE-2026-41067 (Astro is a web framework. Prior to 6.1.6, the defineScriptVars functio ...)
+ TODO: check
+CVE-2026-41066 (lxml is a library for processing XML and HTML in the Python language. ...)
+ TODO: check
+CVE-2026-40897 (Math.js is an extensive math library for JavaScript and Node.js. From ...)
+ TODO: check
+CVE-2026-40690 (The asset dependency graph did not restrict nodes by the viewer's DAG ...)
+ TODO: check
+CVE-2026-40609
+ REJECTED
+CVE-2026-3569 (The Liaison Site Prober plugin for WordPress is vulnerable to Informat ...)
+ TODO: check
+CVE-2026-3565 (The Taqnix plugin for WordPress is vulnerable to Cross-Site Request Fo ...)
+ TODO: check
+CVE-2026-39920 (BridgeHead FileStore versions prior to 24A (released in early 2024) ex ...)
+ TODO: check
+CVE-2026-38743 (The authenticated /ui/dagsendpoint did not enforce per-DAG access cont ...)
+ TODO: check
+CVE-2026-33666 (Zserio is a framework for serializing structured data with a compact a ...)
+ TODO: check
+CVE-2026-33662 (OP-TEE is a Trusted Execution Environment (TEE) designed as companion ...)
+ TODO: check
+CVE-2026-33524 (Zserio is a framework for serializing structured data with a compact a ...)
+ TODO: check
+CVE-2026-31672 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ TODO: check
+CVE-2026-31671 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2026-31670 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31669 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31668 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31667 (In the Linux kernel, the following vulnerability has been resolved: I ...)
+ TODO: check
+CVE-2026-31666 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ TODO: check
+CVE-2026-31665 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31664 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2026-31663 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2026-31662 (In the Linux kernel, the following vulnerability has been resolved: t ...)
+ TODO: check
+CVE-2026-31661 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ TODO: check
+CVE-2026-31660 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31659 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ TODO: check
+CVE-2026-31658 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31657 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ TODO: check
+CVE-2026-31656 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2026-31655 (In the Linux kernel, the following vulnerability has been resolved: p ...)
+ TODO: check
+CVE-2026-31654 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31653 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31652 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31651 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31650 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31649 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31648 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31647 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ TODO: check
+CVE-2026-31646 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31645 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31644 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31643 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31642 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31641 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31640 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31639 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31638 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31637 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31636 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31635 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31634 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31633 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31632 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31631 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31630 (In the Linux kernel, the following vulnerability has been resolved: r ...)
+ TODO: check
+CVE-2026-31629 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31628 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2026-31627 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ TODO: check
+CVE-2026-31626 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31625 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ TODO: check
+CVE-2026-31624 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ TODO: check
+CVE-2026-31623 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31622 (In the Linux kernel, the following vulnerability has been resolved: N ...)
+ TODO: check
+CVE-2026-31621 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ TODO: check
+CVE-2026-31620 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ TODO: check
+CVE-2026-31619 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ TODO: check
+CVE-2026-31618 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2026-31617 (In the Linux kernel, the following vulnerability has been resolved: u ...)
+ TODO: check
+CVE-2026-31616 (In the Linux kernel, the following vulnerability has been resolved: u ...)
+ TODO: check
+CVE-2026-31615 (In the Linux kernel, the following vulnerability has been resolved: u ...)
+ TODO: check
+CVE-2026-31614 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31613 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31612 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ TODO: check
+CVE-2026-31611 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ TODO: check
+CVE-2026-31610 (In the Linux kernel, the following vulnerability has been resolved: k ...)
+ TODO: check
+CVE-2026-31609 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31608 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31607 (In the Linux kernel, the following vulnerability has been resolved: u ...)
+ TODO: check
+CVE-2026-31606 (In the Linux kernel, the following vulnerability has been resolved: u ...)
+ TODO: check
+CVE-2026-31605 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2026-31604 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ TODO: check
+CVE-2026-31603 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31602 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ TODO: check
+CVE-2026-31601 (In the Linux kernel, the following vulnerability has been resolved: v ...)
+ TODO: check
+CVE-2026-31600 (In the Linux kernel, the following vulnerability has been resolved: a ...)
+ TODO: check
+CVE-2026-31599 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31598 (In the Linux kernel, the following vulnerability has been resolved: o ...)
+ TODO: check
+CVE-2026-31597 (In the Linux kernel, the following vulnerability has been resolved: o ...)
+ TODO: check
+CVE-2026-31596 (In the Linux kernel, the following vulnerability has been resolved: o ...)
+ TODO: check
+CVE-2026-31595 (In the Linux kernel, the following vulnerability has been resolved: P ...)
+ TODO: check
+CVE-2026-31594 (In the Linux kernel, the following vulnerability has been resolved: P ...)
+ TODO: check
+CVE-2026-31593 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ TODO: check
+CVE-2026-31592 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ TODO: check
+CVE-2026-31591 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ TODO: check
+CVE-2026-31590 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ TODO: check
+CVE-2026-31589 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31588 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ TODO: check
+CVE-2026-31587 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ TODO: check
+CVE-2026-31586 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31585 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31584 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31583 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31582 (In the Linux kernel, the following vulnerability has been resolved: h ...)
+ TODO: check
+CVE-2026-31581 (In the Linux kernel, the following vulnerability has been resolved: A ...)
+ TODO: check
+CVE-2026-31580 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ TODO: check
+CVE-2026-31579 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ TODO: check
+CVE-2026-31578 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31577 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31576 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31575 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31574 (In the Linux kernel, the following vulnerability has been resolved: c ...)
+ TODO: check
+CVE-2026-31573 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2026-31572 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ TODO: check
+CVE-2026-31571 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2026-31570 (In the Linux kernel, the following vulnerability has been resolved: c ...)
+ TODO: check
+CVE-2026-31569 (In the Linux kernel, the following vulnerability has been resolved: L ...)
+ TODO: check
+CVE-2026-31568 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31567 (In the Linux kernel, the following vulnerability has been resolved: P ...)
+ TODO: check
+CVE-2026-31566 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2026-31565 (In the Linux kernel, the following vulnerability has been resolved: R ...)
+ TODO: check
+CVE-2026-31564 (In the Linux kernel, the following vulnerability has been resolved: L ...)
+ TODO: check
+CVE-2026-31563 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31562 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2026-31561 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2026-31560 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31559 (In the Linux kernel, the following vulnerability has been resolved: L ...)
+ TODO: check
+CVE-2026-31558 (In the Linux kernel, the following vulnerability has been resolved: L ...)
+ TODO: check
+CVE-2026-31557 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31556 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2026-31555 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2026-31554 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2026-31553 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ TODO: check
+CVE-2026-31552 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ TODO: check
+CVE-2026-31551 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ TODO: check
+CVE-2026-31550 (In the Linux kernel, the following vulnerability has been resolved: p ...)
+ TODO: check
+CVE-2026-31549 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ TODO: check
+CVE-2026-31548 (In the Linux kernel, the following vulnerability has been resolved: w ...)
+ TODO: check
+CVE-2026-31547 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2026-31546 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2026-31545 (In the Linux kernel, the following vulnerability has been resolved: N ...)
+ TODO: check
+CVE-2026-31544 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2026-31543 (In the Linux kernel, the following vulnerability has been resolved: c ...)
+ TODO: check
+CVE-2026-31542 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2026-31541 (In the Linux kernel, the following vulnerability has been resolved: t ...)
+ TODO: check
+CVE-2026-31540 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2026-31539 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31538 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31537 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31536 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31535 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31534 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2026-31052 (An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attac ...)
+ TODO: check
+CVE-2026-31051 (An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attac ...)
+ TODO: check
+CVE-2026-31050 (Cross Site Scripting vulnerability in Hostbill v.2025-11-24 and 2025-1 ...)
+ TODO: check
+CVE-2026-30368 (A client-side authorization flaw in Lightspeed Classroom v5.1.2.176377 ...)
+ TODO: check
+CVE-2026-25660 (CodeChecker is an analyzer tooling, defect database and viewer extensi ...)
+ TODO: check
+CVE-2026-23902 (Incorrect Authorization vulnerability in Apache DolphinScheduler allow ...)
+ TODO: check
+CVE-2026-21728 (Tempo queries with large limits can cause large memory allocations whi ...)
+ TODO: check
+CVE-2026-21515 (Exposure of sensitive information to an unauthorized actor in Azure IO ...)
+ TODO: check
+CVE-2025-67259 (A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 wh ...)
+ TODO: check
+CVE-2025-62233 (Deserialization of Untrusted Data vulnerability in Apache DolphinSched ...)
+ TODO: check
+CVE-2025-61872 (Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying result ...)
+ TODO: check
+CVE-2025-59308 (In Mahara before 24.04.10 and 25 before 25.04.1, an institution admini ...)
+ TODO: check
+CVE-2025-11762 (The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for ...)
+ TODO: check
+CVE-2026-40466 (Improper Input Validation, Improper Control of Generation of Code ('Co ...)
- activemq <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2026/04/23/4
-CVE-2026-41043
+CVE-2026-41043 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- activemq <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2026/04/23/5
-CVE-2026-41044
+CVE-2026-41044 (Improper Input Validation, Improper Control of Generation of Code ('Co ...)
- activemq <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2026/04/23/6
CVE-2026-6947 (DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Prote ...)
@@ -2633,7 +3035,7 @@ CVE-2017-20230 (Storable versions before 3.05 for Perl has a stack overflow. Th
NOTE: https://github.com/Perl/perl5/issues/15831
NOTE: https://github.com/Perl/perl5/commit/a258c17c6937f79529c8319a829310e09cdbd216 (v5.27.9)
CVE-2026-6786 (Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9 ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2641,7 +3043,7 @@ CVE-2026-6786 (Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6786
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6786
CVE-2026-6785 (Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, T ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2673,7 +3075,7 @@ CVE-2026-6777 (Other issue in the Networking: DNS component. This vulnerability
- firefox 150.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6777
CVE-2026-6776 (Incorrect boundary conditions in the WebRTC: Networking component. Thi ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2690,7 +3092,7 @@ CVE-2026-6773 (Denial-of-service due to integer overflow in the Graphics: WebGPU
- firefox 150.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6773
CVE-2026-6772 (Incorrect boundary conditions in the Libraries component in NSS. This ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2700,7 +3102,7 @@ CVE-2026-6772 (Incorrect boundary conditions in the Libraries component in NSS.
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6772
NOTE: https://hg.mozilla.org/projects/nss/rev/961f1a40f5e7
CVE-2026-6771 (Mitigation bypass in the DOM: Security component. This vulnerability w ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2708,7 +3110,7 @@ CVE-2026-6771 (Mitigation bypass in the DOM: Security component. This vulnerabil
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6771
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6771
CVE-2026-6770 (Other issue in the Storage: IndexedDB component. This vulnerability wa ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2716,7 +3118,7 @@ CVE-2026-6770 (Other issue in the Storage: IndexedDB component. This vulnerabili
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6770
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6770
CVE-2026-6769 (Privilege escalation in the Debugger component. This vulnerability was ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2727,7 +3129,7 @@ CVE-2026-6768 (Mitigation bypass in the Networking: Cookies component. This vuln
- firefox 150.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6768
CVE-2026-6767 (Other issue in the Libraries component in NSS. This vulnerability was ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2737,7 +3139,7 @@ CVE-2026-6767 (Other issue in the Libraries component in NSS. This vulnerability
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6767
NOTE: https://hg.mozilla.org/projects/nss/rev/4e693e8b5c0d
CVE-2026-6766 (Incorrect boundary conditions in the Libraries component in NSS. This ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2747,7 +3149,7 @@ CVE-2026-6766 (Incorrect boundary conditions in the Libraries component in NSS.
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6766
NOTE: https://hg.mozilla.org/projects/nss/rev/42da9a7f8a03
CVE-2026-6765 (Information disclosure in the Form Autofill component. This vulnerabil ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2755,7 +3157,7 @@ CVE-2026-6765 (Information disclosure in the Form Autofill component. This vulne
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6765
CVE-2026-6764 (Incorrect boundary conditions in the DOM: Device Interfaces component. ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2763,7 +3165,7 @@ CVE-2026-6764 (Incorrect boundary conditions in the DOM: Device Interfaces compo
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6764
CVE-2026-6763 (Mitigation bypass in the File Handling component. This vulnerability w ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2771,7 +3173,7 @@ CVE-2026-6763 (Mitigation bypass in the File Handling component. This vulnerabil
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6763
CVE-2026-6762 (Spoofing issue in the DOM: Core & HTML component. This vulnerability w ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2779,7 +3181,7 @@ CVE-2026-6762 (Spoofing issue in the DOM: Core & HTML component. This vulnerabil
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6762
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6762
CVE-2026-6761 (Privilege escalation in the Networking component. This vulnerability w ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2800,7 +3202,7 @@ CVE-2026-6758 (Use-after-free in the JavaScript: WebAssembly component. This vul
- firefox 150.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6758
CVE-2026-6757 (Invalid pointer in the JavaScript: WebAssembly component. This vulnera ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2814,7 +3216,7 @@ CVE-2026-6755 (Mitigation bypass in the DOM: postMessage component. This vulnera
- firefox 150.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6755
CVE-2026-6754 (Use-after-free in the JavaScript Engine component. This vulnerability ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2822,7 +3224,7 @@ CVE-2026-6754 (Use-after-free in the JavaScript Engine component. This vulnerabi
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6754
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6754
CVE-2026-6753 (Incorrect boundary conditions in the WebRTC component. This vulnerabil ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2830,7 +3232,7 @@ CVE-2026-6753 (Incorrect boundary conditions in the WebRTC component. This vulne
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6753
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6753
CVE-2026-6752 (Incorrect boundary conditions in the WebRTC component. This vulnerabil ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2838,7 +3240,7 @@ CVE-2026-6752 (Incorrect boundary conditions in the WebRTC component. This vulne
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6752
CVE-2026-6751 (Uninitialized memory in the Audio/Video: Web Codecs component. This vu ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2846,7 +3248,7 @@ CVE-2026-6751 (Uninitialized memory in the Audio/Video: Web Codecs component. Th
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6751
CVE-2026-6750 (Privilege escalation in the Graphics: WebRender component. This vulner ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2854,7 +3256,7 @@ CVE-2026-6750 (Privilege escalation in the Graphics: WebRender component. This v
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6750
CVE-2026-6749 (Information disclosure due to uninitialized memory in the Graphics: Ca ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2862,7 +3264,7 @@ CVE-2026-6749 (Information disclosure due to uninitialized memory in the Graphic
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6749
CVE-2026-6748 (Uninitialized memory in the Audio/Video: Web Codecs component. This vu ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2870,7 +3272,7 @@ CVE-2026-6748 (Uninitialized memory in the Audio/Video: Web Codecs component. Th
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6748
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6748
CVE-2026-6747 (Use-after-free in the WebRTC component. This vulnerability was fixed i ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -2878,7 +3280,7 @@ CVE-2026-6747 (Use-after-free in the WebRTC component. This vulnerability was fi
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6747
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/#CVE-2026-6747
CVE-2026-6746 (Use-after-free in the DOM: Core & HTML component. This vulnerability w ...)
- {DSA-6225-1 DLA-4546-1}
+ {DSA-6229-1 DSA-6225-1 DLA-4546-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
- thunderbird 1:140.10.0esr-1
@@ -3101,11 +3503,11 @@ CVE-2025-13480 (Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low
NOT-FOR-US: Fudo Enterprise
CVE-2025-11249
REJECTED
-CVE-2026-5367 [Heap over-read in OVN DHCPv6 Client ID processing]
+CVE-2026-5367 (A flaw was found in OVN (Open Virtual Network). A remote attacker, by ...)
- ovn <unfixed> (bug #1134486)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/20/3
NOTE: Fixed by: https://github.com/ovn-org/ovn/commit/78f6ce612403d6343f1e3782cbfff691d411dee4 (v26.03.1)
-CVE-2026-5265 [Heap Over-Read in ICMP Error Response Generation]
+CVE-2026-5265 (When generating an ICMP Destination Unreachable or Packet Too Big resp ...)
- ovn <unfixed> (bug #1134486)
NOTE: https://www.openwall.com/lists/oss-security/2026/04/20/2
NOTE: Introduced with: https://github.com/ovn-org/ovn/commit/c2339d87268d748da9a44aaefbb6d1ecc490b99d (v20.03.0)
@@ -5875,7 +6277,7 @@ CVE-2026-31283 (In Totara LMS v19.1.5 and before, the forgot password API does n
NOT-FOR-US: Totara LMS
CVE-2026-31282 (Totara LMS v19.1.5 and before is vulnerable to Incorrect Access Contro ...)
NOT-FOR-US: Totara LMS
-CVE-2026-31281 (Totara LMS v19.1.5 and before is vulnerable to HTLM Injection. An atta ...)
+CVE-2026-31281 (Totara LMS v19.1.5 and before is vulnerable to HTML Injection. An atta ...)
NOT-FOR-US: Totara LMS
CVE-2026-30999 (A heap buffer overflow in the av_bprint_finalize() function of FFmpeg ...)
NOTE: Bogus CVE assignment for ffmpeg, "memory leak" in CLI tool
@@ -7587,7 +7989,7 @@ CVE-2026-34179 (In Canonical LXD versions 4.12 through 6.7, the doCertificateUpd
NOTE: https://github.com/canonical/lxd/commit/5f4b8e20afa321e0be436a908a8a92b8b8700557
NOTE: https://github.com/lxc/incus/pull/3068
CVE-2026-34178 (In Canonical LXD before 6.8, the backup import path validates project ...)
- {DSA-6213-1 DSA-6212-1}
+ {DSA-6212-1}
- incus 6.0.6-3
- lxd <removed>
[trixie] - lxd 5.0.2+git20231211.1364ae4-9+deb13u5
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2cf769af8915bfc4b3f843756e1f0e753c43e1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2cf769af8915bfc4b3f843756e1f0e753c43e1
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260424/223e2db1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list