[Git][security-tracker-team/security-tracker][master] Add two more spip issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Feb 19 20:29:48 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f19a760f by Salvatore Bonaccorso at 2026-02-19T21:29:25+01:00
Add two more spip issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -71,7 +71,8 @@ CVE-2026-26359 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an Exte
 CVE-2026-26358 (Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Aut ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2026-26345 (SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the public area ...)
-	TODO: check
+	- spip 4.4.9+dfsg-1
+	NOTE: https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-4-8.html
 CVE-2026-26339 (Hyland Alfresco Transformation Service allows unauthenticated attacker ...)
 	TODO: check
 CVE-2026-26338 (Hyland Alfresco Transformation Service allows unauthenticated attacker ...)
@@ -89,7 +90,8 @@ CVE-2026-26278 (fast-xml-parser allows users to validate XML, parse XML to JS ob
 CVE-2026-26267 (soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22. ...)
 	TODO: check
 CVE-2026-26223 (SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the private are ...)
-	TODO: check
+	- spip 4.4.9+dfsg-1
+	NOTE: https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-4-8.html
 CVE-2026-26205 (opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versi ...)
 	TODO: check
 CVE-2026-26203 (PJSIP is a free and open source multimedia communication library. Vers ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f19a760fb788276eb42f82af23896ab014dac460

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f19a760fb788276eb42f82af23896ab014dac460
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260219/771cf0e7/attachment.htm>

More information about the debian-security-tracker-commits mailing list