[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 25 20:32:01 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18af06bd by security tracker role at 2026-04-25T19:31:54+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,40 +1,74 @@
-CVE-2026-31685 [netfilter: ip6t_eui64: reject invalid MAC header for all packets]
+CVE-2026-6993 (A security flaw has been discovered in go-kratos kratos up to 2.9.2. T ...)
+	TODO: check
+CVE-2026-6992 (A vulnerability was identified in Linksys MR9600 2.0.6.206937. This af ...)
+	TODO: check
+CVE-2026-6991 (A vulnerability was determined in colinhacks Zod up to 4.3.6. The impa ...)
+	TODO: check
+CVE-2026-6990 (A vulnerability was found in projeto-siga siga 11.0.3.18. The affected ...)
+	TODO: check
+CVE-2026-6989 (A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted i ...)
+	TODO: check
+CVE-2026-6988 (A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon.  ...)
+	TODO: check
+CVE-2026-6987 (A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an u ...)
+	TODO: check
+CVE-2026-6986 (A security vulnerability has been detected in Cesanta Mongoose up to 7 ...)
+	TODO: check
+CVE-2026-6985 (A weakness has been identified in Cesanta Mongoose up to 7.20. This vu ...)
+	TODO: check
+CVE-2026-6984 (A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22. ...)
+	TODO: check
+CVE-2026-6983 (A vulnerability was identified in pagekit up to 1.0.18. Affected by th ...)
+	TODO: check
+CVE-2026-6982 (A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/ ...)
+	TODO: check
+CVE-2026-6981 (A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e ...)
+	TODO: check
+CVE-2026-6980 (A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9e ...)
+	TODO: check
+CVE-2026-6979 (A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects ...)
+	TODO: check
+CVE-2026-6978 (A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted ele ...)
+	TODO: check
+CVE-2026-6977 (A security vulnerability has been detected in vanna-ai vanna up to 2.0 ...)
+	TODO: check
+CVE-2026-31685 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.19.14-1
 	NOTE: https://git.kernel.org/linus/fdce0b3590f724540795b874b4c8850c90e6b0a8 (7.0)
-CVE-2026-31684 [net: sched: act_csum: validate nested VLAN headers]
+CVE-2026-31684 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.19.14-1
 	NOTE: https://git.kernel.org/linus/c842743d073bdd683606cb414eb0ca84465dd834 (7.0)
-CVE-2026-31683 [batman-adv: avoid OGM aggregation when skb tailroom is insufficient]
+CVE-2026-31683 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.19.10-1
 	NOTE: https://git.kernel.org/linus/0d4aef630be9d5f9c1227d07669c26c4383b5ad0 (7.0-rc5)
-CVE-2026-31682 [bridge: br_nd_send: linearize skb before parsing ND options]
+CVE-2026-31682 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.19.12-1
 	NOTE: https://git.kernel.org/linus/a01aee7cafc575bb82f5529e8734e7052f9b16ea (7.0-rc7)
-CVE-2026-31681 [netfilter: xt_multiport: validate range encoding in checkentry]
+CVE-2026-31681 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.19.14-1
 	NOTE: https://git.kernel.org/linus/ff64c5bfef12461df8450e0f50bb693b5269c720 (7.0)
-CVE-2026-31680 [net: ipv6: flowlabel: defer exclusive option free until RCU teardown]
+CVE-2026-31680 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.19.12-1
 	NOTE: https://git.kernel.org/linus/9ca562bb8e66978b53028fa32b1a190708e6a091 (7.0-rc7)
-CVE-2026-31679 [openvswitch: validate MPLS set/set_masked payload length]
+CVE-2026-31679 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
 	- linux 6.19.11-1
 	NOTE: https://git.kernel.org/linus/546b68ac893595877ffbd7751e5c55fd1c43ede6 (7.0-rc6)
-CVE-2026-31678 [openvswitch: defer tunnel netdev_put to RCU release]
+CVE-2026-31678 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
 	- linux 6.19.11-1
 	NOTE: https://git.kernel.org/linus/6931d21f87bc6d657f145798fad0bf077b82486c (7.0-rc6)
-CVE-2026-31677 [crypto: af_alg - limit RX SG extraction by receive buffer budget]
+CVE-2026-31677 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
 	- linux 6.19.14-1
 	NOTE: https://git.kernel.org/linus/8eceab19eba9dcbfd2a0daec72e1bf48aa100170 (7.0)
-CVE-2026-31676 [rxrpc: only handle RESPONSE during service challenge]
+CVE-2026-31676 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
 	- linux 6.19.13-1
 	NOTE: https://git.kernel.org/linus/c43ffdcfdbb5567b1f143556df8a04b4eeea041c (7.0)
-CVE-2026-31675 [net/sched: sch_netem: fix out-of-bounds access in packet corruption]
+CVE-2026-31675 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.19.12-1
 	NOTE: https://git.kernel.org/linus/d64cb81dcbd54927515a7f65e5e24affdc73c14b (7.0-rc7)
-CVE-2026-31674 [netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()]
+CVE-2026-31674 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.19.11-1
 	NOTE: https://git.kernel.org/linus/9d3f027327c2fa265f7f85ead41294792c3296ed (7.0-rc6)
-CVE-2026-31673 [af_unix: read UNIX_DIAG_VFS data under unix_state_lock]
+CVE-2026-31673 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux 6.19.14-1
 	NOTE: https://git.kernel.org/linus/39897df386376912d561d4946499379effa1e7ef (7.0)
 CVE-2026-6968 (Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18af06bd67760a004ddcd042ef28e274b8464f58

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18af06bd67760a004ddcd042ef28e274b8464f58
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260425/ac6dd7fa/attachment.htm>

More information about the debian-security-tracker-commits mailing list