[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26996/node-minimatch
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 20 20:40:55 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
420a429c by Salvatore Bonaccorso at 2026-02-20T21:40:29+01:00
Add CVE-2026-26996/node-minimatch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -631,7 +631,9 @@ CVE-2026-27002 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15,
CVE-2026-27001 (OpenClaw is a personal AI assistant. Prior to version 2026.2.15, OpenC ...)
NOT-FOR-US: OpenClaw
CVE-2026-26996 (minimatch is a minimal matching utility for converting glob expression ...)
- TODO: check
+ - node-minimatch <unfixed>
+ NOTE: https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26
+ NOTE: Fixed by: https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5 (v10.2.1)
CVE-2026-26995
REJECTED
CVE-2026-26994 (uTLS is a fork of crypto/tls, created to customize ClientHello for fin ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/420a429c401cab408828ab38c4f71da094d29fd6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/420a429c401cab408828ab38c4f71da094d29fd6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260220/992d7180/attachment.htm>
More information about the debian-security-tracker-commits
mailing list