[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 12 08:13:07 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e7b4c080 by security tracker role at 2026-02-12T08:13:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,342 @@
-CVE-2026-25990
+CVE-2026-2391 (### Summary The `arrayLimit` option in qs does not enforce limits for ...)
+ TODO: check
+CVE-2026-2327 (Versions of the package markdown-it from 13.0.0 and before 14.1.1 are ...)
+ TODO: check
+CVE-2026-26235 (JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerabi ...)
+ TODO: check
+CVE-2026-26234 (JUNG Smart Visu Server 1.1.1050 contains a request header manipulation ...)
+ TODO: check
+CVE-2026-26215 (manga-image-translator versionbeta-0.3 and prior in shared API mode co ...)
+ TODO: check
+CVE-2026-26158 (A flaw was found in BusyBox. This vulnerability allows an attacker to ...)
+ TODO: check
+CVE-2026-26157 (A flaw was found in BusyBox. Incomplete path sanitization in its archi ...)
+ TODO: check
+CVE-2026-26092
+ REJECTED
+CVE-2026-26091
+ REJECTED
+CVE-2026-26090
+ REJECTED
+CVE-2026-26089
+ REJECTED
+CVE-2026-26088
+ REJECTED
+CVE-2026-26087
+ REJECTED
+CVE-2026-26086
+ REJECTED
+CVE-2026-26085
+ REJECTED
+CVE-2026-26031 (Frappe Learning Management System (LMS) is a learning system that help ...)
+ TODO: check
+CVE-2026-26029 (sf-mcp-server is an implementation of Salesforce MCP server for Claude ...)
+ TODO: check
+CVE-2026-26023 (Dify is an open-source LLM app development platform. Prior to 1.13.0, ...)
+ TODO: check
+CVE-2026-26021 (set-in provides the set value of nested associative structure given ar ...)
+ TODO: check
+CVE-2026-26019 (LangChain is a framework for building LLM-powered applications. Prior ...)
+ TODO: check
+CVE-2026-26014 (Pion DTLS is a Go implementation of Datagram Transport Layer Security. ...)
+ TODO: check
+CVE-2026-26012 (vaultwarden is an unofficial Bitwarden compatible server written in Ru ...)
+ TODO: check
+CVE-2026-26010 (OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls is ...)
+ TODO: check
+CVE-2026-25999 (Klaw is a self-service Apache Kafka Topic Management/Governance tool/p ...)
+ TODO: check
+CVE-2026-25994 (PJSIP is a free and open source multimedia communication library writt ...)
+ TODO: check
+CVE-2026-25935 (Vikunja is a todo-app to organize your life. Prior to 1.1.0, TaskGlanc ...)
+ TODO: check
+CVE-2026-25924 (Kanboard is project management software focused on Kanban methodology. ...)
+ TODO: check
+CVE-2026-25759 (Statmatic is a Laravel and Git powered content management system (CMS) ...)
+ TODO: check
+CVE-2026-25676 (The installer of M-Track Duo HD version 1.0.0 contains an issue with t ...)
+ TODO: check
+CVE-2026-25633 (Statamic is a, Laravel + Git powered CMS designed for building website ...)
+ TODO: check
+CVE-2026-25062 (Outline is a service that allows for collaborative documentation. Prio ...)
+ TODO: check
+CVE-2026-23857 (Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.0 ...)
+ TODO: check
+CVE-2026-23856 (Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1 ...)
+ TODO: check
+CVE-2026-20700 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
+CVE-2026-20682 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2026-20681 (A privacy issue was addressed with improved private data redaction for ...)
+ TODO: check
+CVE-2026-20680 (The issue was addressed with additional restrictions on the observabil ...)
+ TODO: check
+CVE-2026-20678 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-20677 (A race condition was addressed with improved handling of symbolic link ...)
+ TODO: check
+CVE-2026-20676 (This issue was addressed through improved state management. This issue ...)
+ TODO: check
+CVE-2026-20675 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2026-20674 (A privacy issue was addressed by removing sensitive data. This issue i ...)
+ TODO: check
+CVE-2026-20673 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2026-20671 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2026-20669 (A parsing issue in the handling of directory paths was addressed with ...)
+ TODO: check
+CVE-2026-20667 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2026-20666 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-20663 (The issue was resolved by sanitizing logging. This issue is fixed in i ...)
+ TODO: check
+CVE-2026-20662 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-20661 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-20660 (A path handling issue was addressed with improved logic. This issue is ...)
+ TODO: check
+CVE-2026-20658 (A package validation issue was addressed by blocking the vulnerable pa ...)
+ TODO: check
+CVE-2026-20656 (A logic issue was addressed with improved validation. This issue is fi ...)
+ TODO: check
+CVE-2026-20655 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-20654 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20653 (A parsing issue in the handling of directory paths was addressed with ...)
+ TODO: check
+CVE-2026-20652 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20650 (A denial-of-service issue was addressed with improved validation. This ...)
+ TODO: check
+CVE-2026-20649 (A logging issue was addressed with improved data redaction. This issue ...)
+ TODO: check
+CVE-2026-20648 (A privacy issue was addressed by moving sensitive data to a protected ...)
+ TODO: check
+CVE-2026-20647 (This issue was addressed with improved data protection. This issue is ...)
+ TODO: check
+CVE-2026-20646 (A logging issue was addressed with improved data redaction. This issue ...)
+ TODO: check
+CVE-2026-20645 (An inconsistent user interface issue was addressed with improved state ...)
+ TODO: check
+CVE-2026-20644 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20642 (An input validation issue was addressed. This issue is fixed in iOS 26 ...)
+ TODO: check
+CVE-2026-20641 (A privacy issue was addressed with improved checks. This issue is fixe ...)
+ TODO: check
+CVE-2026-20640 (An inconsistent user interface issue was addressed with improved state ...)
+ TODO: check
+CVE-2026-20638 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2026-20636 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20635 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20634 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20630 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-20629 (A privacy issue was addressed with improved handling of temporary file ...)
+ TODO: check
+CVE-2026-20628 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-20627 (An issue existed in the handling of environment variables. This issue ...)
+ TODO: check
+CVE-2026-20626 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2026-20625 (A parsing issue in the handling of directory paths was addressed with ...)
+ TODO: check
+CVE-2026-20624 (An injection issue was addressed with improved validation. This issue ...)
+ TODO: check
+CVE-2026-20623 (A permissions issue was addressed by removing the vulnerable code. Thi ...)
+ TODO: check
+CVE-2026-20621 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20620 (An out-of-bounds read issue was addressed with improved input validati ...)
+ TODO: check
+CVE-2026-20619 (A logging issue was addressed with improved data redaction. This issue ...)
+ TODO: check
+CVE-2026-20618 (An issue was addressed with improved handling of temporary files. This ...)
+ TODO: check
+CVE-2026-20617 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
+CVE-2026-20616 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2026-20615 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2026-20614 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2026-20612 (A privacy issue was addressed with improved checks. This issue is fixe ...)
+ TODO: check
+CVE-2026-20611 (An out-of-bounds access issue was addressed with improved bounds check ...)
+ TODO: check
+CVE-2026-20610 (This issue was addressed with improved handling of symlinks. This issu ...)
+ TODO: check
+CVE-2026-20609 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20608 (This issue was addressed through improved state management. This issue ...)
+ TODO: check
+CVE-2026-20606 (This issue was addressed by removing the vulnerable code. This issue i ...)
+ TODO: check
+CVE-2026-20605 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20603 (This issue was addressed with improved redaction of sensitive informat ...)
+ TODO: check
+CVE-2026-20602 (The issue was addressed with improved handling of caches. This issue i ...)
+ TODO: check
+CVE-2026-20601 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-1729 (The AdForest theme for WordPress is vulnerable to authentication bypas ...)
+ TODO: check
+CVE-2026-1669 (Arbitrary file read in the model loading mechanism (HDF5 integration) ...)
+ TODO: check
+CVE-2026-1537 (The LatePoint \u2013 Calendar Booking Plugin for Appointments and Even ...)
+ TODO: check
+CVE-2026-0969 (The serialize function used to compile MDX in next-mdx-remote is vulne ...)
+ TODO: check
+CVE-2025-68663 (Outline is a service that allows for collaborative documentation. Prio ...)
+ TODO: check
+CVE-2025-67135 (Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm System 1.25. ...)
+ TODO: check
+CVE-2025-64487 (Outline is a service that allows for collaborative documentation. Prio ...)
+ TODO: check
+CVE-2025-64074 (A path-traversal vulnerability in the logout functionality of Shenzhen ...)
+ TODO: check
+CVE-2025-46310 (This issue was addressed through improved state management. This issue ...)
+ TODO: check
+CVE-2025-46305 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2025-46304 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2025-46303 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2025-46302 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2025-46301 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2025-46300 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2025-46290 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2025-43537 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2025-43417 (A path handling issue was addressed with improved logic. This issue is ...)
+ TODO: check
+CVE-2025-43403 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2025-15577 (An unauthenticated attacker can exploit this vulnerability by manipula ...)
+ TODO: check
+CVE-2025-14892 (The Prime Listing Manager WordPress plugin through 1.1 allows an attac ...)
+ TODO: check
+CVE-2024-50620 (Unrestricted Upload of File with Dangerous Type vulnerabilities exist ...)
+ TODO: check
+CVE-2024-50619 (Vulnerabilities in the My Account and User Management components in CI ...)
+ TODO: check
+CVE-2024-50617 (Vulnerabilities in the File Download and Get File handler components i ...)
+ TODO: check
+CVE-2020-37215 (MSN Password Recovery version 1.30 contains a denial of service vulner ...)
+ TODO: check
+CVE-2020-37214 (Voyager 1.3.0 contains a directory traversal vulnerability that allows ...)
+ TODO: check
+CVE-2020-37213 (TextCrawler Pro 3.1.1 contains a denial of service vulnerability that ...)
+ TODO: check
+CVE-2020-37212 (SpotMSN 2.4.6 contains a denial of service vulnerability in the regist ...)
+ TODO: check
+CVE-2020-37211 (SpotIM 2.2 contains a denial of service vulnerability that allows atta ...)
+ TODO: check
+CVE-2020-37210 (SpotIE 2.9.5 contains a denial of service vulnerability in the registr ...)
+ TODO: check
+CVE-2020-37209 (SpotFTP 3.0.0.0 contains a denial of service vulnerability in the regi ...)
+ TODO: check
+CVE-2020-37208 (SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the regist ...)
+ TODO: check
+CVE-2020-37207 (SpotDialup 1.6.7 contains a denial of service vulnerability in the reg ...)
+ TODO: check
+CVE-2020-37206 (ShareAlarmPro contains a denial of service vulnerability that allows a ...)
+ TODO: check
+CVE-2020-37205 (RemShutdown 2.9.0.0 contains a denial of service vulnerability that al ...)
+ TODO: check
+CVE-2020-37204 (RemShutdown 2.9.0.0 contains a denial of service vulnerability in its ...)
+ TODO: check
+CVE-2020-37203 (Office Product Key Finder 1.5.4 contains a denial of service vulnerabi ...)
+ TODO: check
+CVE-2020-37202 (NetworkSleuth 3.0.0.0 contains a denial of service vulnerability that ...)
+ TODO: check
+CVE-2020-37201 (NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in th ...)
+ TODO: check
+CVE-2020-37200 (NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in th ...)
+ TODO: check
+CVE-2020-37199 (NBMonitor 1.6.6.0 contains a denial of service vulnerability in its re ...)
+ TODO: check
+CVE-2020-37198 (Duplicate Cleaner Pro 4.1.3 contains a denial of service vulnerability ...)
+ TODO: check
+CVE-2020-37197 (Dnss Domain Name Search Software contains a denial of service vulnerab ...)
+ TODO: check
+CVE-2020-37196 (Dnss Domain Name Search Software contains a denial of service vulnerab ...)
+ TODO: check
+CVE-2020-37195 (BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the ...)
+ TODO: check
+CVE-2020-37194 (Backup Key Recovery 2.2.5 contains a denial of service vulnerability t ...)
+ TODO: check
+CVE-2020-37193 (ZIP Password Recovery 2.30 contains a denial of service vulnerability ...)
+ TODO: check
+CVE-2020-37192 (MSN Password Recovery 1.30 contains an XML external entity injection v ...)
+ TODO: check
+CVE-2020-37191 (Top Password Software Dialup Password Recovery 1.30 contains a denial ...)
+ TODO: check
+CVE-2020-37190 (Top Password Firefox Password Recovery 2.8 contains a denial of servic ...)
+ TODO: check
+CVE-2020-37189 (TaskCanvas 1.4.0 contains a denial of service vulnerability in the reg ...)
+ TODO: check
+CVE-2020-37188 (SpotOutlook 1.2.6 contains a denial of service vulnerability in the re ...)
+ TODO: check
+CVE-2020-37187 (SpotDialup 1.6.7 contains a denial of service vulnerability in the reg ...)
+ TODO: check
+CVE-2020-37186 (Chevereto 3.13.4 Core contains a remote code execution vulnerability t ...)
+ TODO: check
+CVE-2020-37185 (Backup Key Recovery 2.2.5 contains a denial of service vulnerability t ...)
+ TODO: check
+CVE-2020-37184 (Allok Video Converter 4.6.1217 contains a stack overflow vulnerability ...)
+ TODO: check
+CVE-2020-37183 (Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack over ...)
+ TODO: check
+CVE-2020-37182 (Redir 3.3 contains a stack overflow vulnerability in the doproxyconnec ...)
+ TODO: check
+CVE-2020-37181 (Torrent FLV Converter 1.51 Build 117 contains a stack overflow vulnera ...)
+ TODO: check
+CVE-2020-37180 (GTalk Password Finder 2.2.1 contains a denial of service vulnerability ...)
+ TODO: check
+CVE-2020-37179 (APKF Product Key Finder 2.5.8.0 contains a denial of service vulnerabi ...)
+ TODO: check
+CVE-2020-37178 (KeePass Password Safe versions before 2.44 contain a denial of service ...)
+ TODO: check
+CVE-2020-37177 (BOOTP Turbo 2.0 contains a denial of service vulnerability that allows ...)
+ TODO: check
+CVE-2020-37176 (Torrent 3GP Converter 1.51 contains a stack overflow vulnerability tha ...)
+ TODO: check
+CVE-2020-37175 (P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability ...)
+ TODO: check
+CVE-2020-37173 (AVideo Platform 8.1 contains an information disclosure vulnerability t ...)
+ TODO: check
+CVE-2020-37172 (AVideo Platform 8.1 contains a cross-site request forgery vulnerabilit ...)
+ TODO: check
+CVE-2020-37158 (AVideo Platform 8.1 contains a cross-site request forgery vulnerabilit ...)
+ TODO: check
+CVE-2020-37156 (BloodX 1.0 contains an authentication bypass vulnerability in login.ph ...)
+ TODO: check
+CVE-2020-37153 (ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scr ...)
+ TODO: check
+CVE-2020-37104 (ASTPP 4.0.1 contains an information disclosure vulnerability that allo ...)
+ TODO: check
+CVE-2019-25313 (FlexNet Publisher 11.12.1 contains a cross-site request forgery vulner ...)
+ TODO: check
+CVE-2026-25990 (Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n ou ...)
- pillow <unfixed>
NOTE: https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc
NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa (12.1.1)
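Review bot: the description added for CVE-2026-1537 contains a literal `\u2013` escape ("The LatePoint \u2013 Calendar Booking Plugin ...") instead of the decoded character, which suggests the automatic update writes the feed text to data/CVE/list without decoding it; decode it before writing so that text searches over the list match the product name as published. Separately, the descriptions for CVE-2026-25759 and CVE-2026-25633 spell the same product as "Statmatic" and "Statamic", so a name search during the `TODO: check` triage will miss one of them; triage those two entries together.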
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7b4c080dfc4f4a582fe2bcea61cf3a89e842e2c