[Git][security-tracker-team/security-tracker][master] Add CVE-2026-25547

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30e36983 by Salvatore Bonaccorso at 2026-02-05T22:46:02+01:00
Add CVE-2026-25547

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -195,7 +195,8 @@ CVE-2026-25578 (Navidrome is an open source web-based music collection server an
 CVE-2026-25575 (NavigaTUM is a website and API to search for rooms, buildings and othe ...)
 	NOT-FOR-US: NavigaTUM
 CVE-2026-25547 (@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-e ...)
-	TODO: check
+	- node-brace-expansion <undetermined>
+	TODO: check, isaacs/brace-expansion is a "hybrid CJS/ESM TypeScript" fork from uliangruber/brace-expansion
 CVE-2026-25546 (Godot MCP is a Model Context Protocol (MCP) server for interacting wit ...)
 	NOT-FOR-US: Godot MCP
 CVE-2026-25543 (HtmlSanitizer is a .NET library for cleaning HTML fragments and docume ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e369831352c5c707186c941057e052d2f6db42

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e369831352c5c707186c941057e052d2f6db42
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260205/e60660b1/attachment.htm>