[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 24 20:14:02 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
818abb10 by security tracker role at 2026-02-24T20:13:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,226 +1,374 @@
-CVE-2026-2793
+CVE-2026-3131 (Improper access control in multiple DVLS REST API endpoints in Devolu ...)
+ TODO: check
+CVE-2026-3105 (SummaryThis advisory addresses a SQL injection vulnerability in the AP ...)
+ TODO: check
+CVE-2026-3102 (A vulnerability was determined in exiftool up to 13.49 on macOS. This ...)
+ TODO: check
+CVE-2026-3101 (A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnera ...)
+ TODO: check
+CVE-2026-2664 (An out of bounds read vulnerability in the grpcfuse kernel module pres ...)
+ TODO: check
+CVE-2026-2634 (Malicious scripts could cause desynchronization between the address ba ...)
+ TODO: check
+CVE-2026-2460 (A vulnerability exists in REB500 for an authenticated user with low-le ...)
+ TODO: check
+CVE-2026-2459 (A vulnerability exists in REB500 for an authenticated user with Instal ...)
+ TODO: check
+CVE-2026-27732 (WWBN AVideo is an open source video platform. Prior to version 22.0, t ...)
+ TODO: check
+CVE-2026-27590 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
+ TODO: check
+CVE-2026-27589 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
+ TODO: check
+CVE-2026-27588 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
+ TODO: check
+CVE-2026-27587 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
+ TODO: check
+CVE-2026-27586 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
+ TODO: check
+CVE-2026-27585 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
+ TODO: check
+CVE-2026-27584 (Actual is a local-first personal finance tool. Prior to version 26.2.1 ...)
+ TODO: check
+CVE-2026-27571 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-27568 (WWBN AVideo is an open source video platform. Prior to version 21.0, A ...)
+ TODO: check
+CVE-2026-27567 (Payload is a free and open source headless content management system. ...)
+ TODO: check
+CVE-2026-27521 (Binardat 10G08-0800GSM network switch firmware versionV300SP10260209an ...)
+ TODO: check
+CVE-2026-27520 (Binardat 10G08-0800GSM network switch firmware versions prior toV300SP ...)
+ TODO: check
+CVE-2026-27519 (Binardat 10G08-0800GSM network switch firmware versionV300SP10260209 a ...)
+ TODO: check
+CVE-2026-27518 (Binardat 10G08-0800GSM network switch firmware versionV300SP10260209 a ...)
+ TODO: check
+CVE-2026-27517 (Binardat 10G08-0800GSM network switch firmware versionV300SP10260209 a ...)
+ TODO: check
+CVE-2026-27516 (Binardat 10G08-0800GSM network switch firmware versionV300SP10260209 a ...)
+ TODO: check
+CVE-2026-27515 (Binardat 10G08-0800GSM network switch firmware versions prior toV300SP ...)
+ TODO: check
+CVE-2026-27507 (Binardat 10G08-0800GSM network switch firmware versionV300SP10260209 a ...)
+ TODO: check
+CVE-2026-27483 (MindsDB is a platform for building artificial intelligence from enterp ...)
+ TODO: check
+CVE-2026-27477 (Mastodon is a free, open-source social network server based on Activit ...)
+ TODO: check
+CVE-2026-27468 (Mastodon is a free, open-source social network server based on Activit ...)
+ TODO: check
+CVE-2026-27208 (bleon-ethical/api-gateway-deploy provides API gateway deployment. Vers ...)
+ TODO: check
+CVE-2026-27156 (NiceGUI is a Python-based UI framework. Prior to version 3.8.0, severa ...)
+ TODO: check
+CVE-2026-26342 (Tattile Smart+, Vega, and Basic device families firmware versions 1.18 ...)
+ TODO: check
+CVE-2026-26341 (Tattile Smart+, Vega, and Basic device families firmware versions 1.18 ...)
+ TODO: check
+CVE-2026-26340 (Tattile Smart+, Vega, and Basic device families firmware versions 1.18 ...)
+ TODO: check
+CVE-2026-26222 (Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 ...)
+ TODO: check
+CVE-2026-25603 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-24241 (NVIDIA Delegated Licensing Service for all appliance platforms contain ...)
+ TODO: check
+CVE-2026-23984 (An Improper Input Validation vulnerability exists in Apache Superset t ...)
+ TODO: check
+CVE-2026-23983 (A Sensitive Data Exposure vulnerability exists in Apache Superset allo ...)
+ TODO: check
+CVE-2026-23982 (An Improper Authorization vulnerability exists in Apache Superset that ...)
+ TODO: check
+CVE-2026-23980 (Improper Neutralization of Special Elements used in a SQL Command ('SQ ...)
+ TODO: check
+CVE-2026-23969 (Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUN ...)
+ TODO: check
+CVE-2026-23859 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Clien ...)
+ TODO: check
+CVE-2026-23858 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Impr ...)
+ TODO: check
+CVE-2026-23678 (Binardat 10G08-0800GSM network switch firmware versionV300SP10260209 a ...)
+ TODO: check
+CVE-2026-22766 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unre ...)
+ TODO: check
+CVE-2026-22765 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missi ...)
+ TODO: check
+CVE-2026-1773 (IEC 60870-5-104: Potential Denial of Service impact on reception of in ...)
+ TODO: check
+CVE-2026-1772 (RTU500 web interface: An unprivileged user can read user management in ...)
+ TODO: check
+CVE-2026-1768 (A permission cache poisoning vulnerability in Devolutions Server allow ...)
+ TODO: check
+CVE-2026-0402 (A post-authentication Out-of-bounds Read vulnerability in SonicOS allo ...)
+ TODO: check
+CVE-2026-0401 (A post-authentication NULL Pointer Dereference vulnerability in SonicO ...)
+ TODO: check
+CVE-2026-0400 (A post-authentication Format String vulnerability in SonicOS allows a ...)
+ TODO: check
+CVE-2026-0399 (Multiple post-authentication stack-based buffer overflow vulnerabiliti ...)
+ TODO: check
+CVE-2025-69985 (FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability l ...)
+ TODO: check
+CVE-2025-67445 (TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service v ...)
+ TODO: check
+CVE-2025-63409 (Privilege escalation and improper access control in GCOM EPON 1GE C00R ...)
+ TODO: check
+CVE-2025-62512 (Piwigo is an open source photo gallery application for the web. In ver ...)
+ TODO: check
+CVE-2025-47904 (Download of Code Without Integrity Check vulnerability in Microchip Ti ...)
+ TODO: check
+CVE-2025-33181 (NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the ...)
+ TODO: check
+CVE-2025-33180 (NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the ...)
+ TODO: check
+CVE-2025-33179 (NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the ...)
+ TODO: check
+CVE-2025-27555 (Airflow versions before 2.11.1 have a vulnerability that allows authen ...)
+ TODO: check
+CVE-2025-1789 (Local privilege escalation in Genetec Update Service. An authenticated ...)
+ TODO: check
+CVE-2025-1787 (Local admin could to leak information from the Genetec Update Service ...)
+ TODO: check
+CVE-2025-14963 (A vulnerability identified in the Trellix HX Agent driver file fekern ...)
+ TODO: check
+CVE-2025-14577 (Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injectio ...)
+ TODO: check
+CVE-2025-13776 (Multiple Finka programs use hard-coded Firebird database credentials ( ...)
+ TODO: check
+CVE-2025-11165 (A sandbox escape vulnerability exists in dotCMS\u2019s Velocity script ...)
+ TODO: check
+CVE-2025-10010 (The CPSD CryptoPro Secure Disk application boots a small Linux operati ...)
+ TODO: check
+CVE-2024-56373 (DAG Author (who already has quite a lot of permissions) could manipula ...)
+ TODO: check
+CVE-2024-48928 (Piwigo is an open source photo gallery application for the web. In ver ...)
+ TODO: check
+CVE-2024-1524 (When the "Silent Just-In-Time Provisioning" feature is enabled for a f ...)
+ TODO: check
+CVE-2026-2793 (Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, T ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2793
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2793
-CVE-2026-2792
+CVE-2026-2792 (Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7 ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2792
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2792
-CVE-2026-2807
+CVE-2026-2807 (Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2807
-CVE-2026-2791
+CVE-2026-2791 (Mitigation bypass in the Networking: Cache component. This vulnerabili ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2791
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2791
-CVE-2026-2790
+CVE-2026-2790 (Same-origin policy bypass in the Networking: JAR component. This vulne ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2790
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2790
-CVE-2026-2806
+CVE-2026-2806 (Uninitialized memory in the Graphics: Text component. This vulnerabili ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2806
-CVE-2026-2789
+CVE-2026-2789 (Use-after-free in the Graphics: ImageLib component. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2789
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2789
-CVE-2026-2788
+CVE-2026-2788 (Incorrect boundary conditions in the Audio/Video: GMP component. This ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2788
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2788
-CVE-2026-2787
+CVE-2026-2787 (Use-after-free in the DOM: Window and Location component. This vulnera ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2787
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2787
-CVE-2026-2805
+CVE-2026-2805 (Invalid pointer in the DOM: Core & HTML component. This vulnerability ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2805
-CVE-2026-2786
+CVE-2026-2786 (Use-after-free in the JavaScript Engine component. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2786
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2786
-CVE-2026-2804
+CVE-2026-2804 (Use-after-free in the JavaScript: WebAssembly component. This vulnerab ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2804
-CVE-2026-2785
+CVE-2026-2785 (Invalid pointer in the JavaScript Engine component. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2785
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2785
-CVE-2026-2784
+CVE-2026-2784 (Mitigation bypass in the DOM: Security component. This vulnerability a ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2784
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2784
-CVE-2026-2803
+CVE-2026-2803 (Information disclosure, mitigation bypass in the Settings UI component ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2803
-CVE-2026-2802
+CVE-2026-2802 (Race condition in the JavaScript: GC component. This vulnerability aff ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2802
-CVE-2026-2783
+CVE-2026-2783 (Information disclosure due to JIT miscompilation in the JavaScript Eng ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2783
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2783
-CVE-2026-2782
+CVE-2026-2782 (Privilege escalation in the Netmonitor component. This vulnerability a ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2782
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2782
-CVE-2026-2801
+CVE-2026-2801 (Incorrect boundary conditions in the JavaScript: WebAssembly component ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2801
-CVE-2026-2781
+CVE-2026-2781 (Integer overflow in the Libraries component in NSS. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2781
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2781
-CVE-2026-2780
+CVE-2026-2780 (Privilege escalation in the Netmonitor component. This vulnerability a ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2780
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2780
-CVE-2026-2800
+CVE-2026-2800 (Spoofing issue in the WebAuthn component in Firefox for Android. This ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2800
-CVE-2026-2779
+CVE-2026-2779 (Incorrect boundary conditions in the Networking: JAR component. This v ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2779
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2779
-CVE-2026-2778
+CVE-2026-2778 (Sandbox escape due to incorrect boundary conditions in the DOM: Core & ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2778
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2778
-CVE-2026-2777
+CVE-2026-2777 (Privilege escalation in the Messaging System component. This vulnerabi ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2777
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2777
-CVE-2026-2776
+CVE-2026-2776 (Sandbox escape due to incorrect boundary conditions in the Telemetry c ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2776
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2776
-CVE-2026-2775
+CVE-2026-2775 (Mitigation bypass in the DOM: HTML Parser component. This vulnerabilit ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2775
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2775
-CVE-2026-2774
+CVE-2026-2774 (Integer overflow in the Audio/Video component. This vulnerability affe ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2774
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2774
-CVE-2026-2773
+CVE-2026-2773 (Incorrect boundary conditions in the Web Audio component. This vulnera ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2773
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2773
-CVE-2026-2772
+CVE-2026-2772 (Use-after-free in the Audio/Video: Playback component. This vulnerabil ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2772
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2772
-CVE-2026-2771
+CVE-2026-2771 (Undefined behavior in the DOM: Core & HTML component. This vulnerabili ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2771
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2771
-CVE-2026-2770
+CVE-2026-2770 (Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerabi ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2770
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2770
-CVE-2026-2799
+CVE-2026-2799 (Use-after-free in the DOM: Core & HTML component. This vulnerability a ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2799
-CVE-2026-2769
+CVE-2026-2769 (Use-after-free in the Storage: IndexedDB component. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2769
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2769
-CVE-2026-2798
+CVE-2026-2798 (Use-after-free in the DOM: Core & HTML component. This vulnerability a ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2798
-CVE-2026-2768
+CVE-2026-2768 (Sandbox escape in the Storage: IndexedDB component. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2768
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2768
-CVE-2026-2767
+CVE-2026-2767 (Use-after-free in the JavaScript: WebAssembly component. This vulnerab ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2767
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2767
-CVE-2026-2766
+CVE-2026-2766 (Use-after-free in the JavaScript Engine: JIT component. This vulnerabi ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2766
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2766
-CVE-2026-2765
+CVE-2026-2765 (Use-after-free in the JavaScript Engine component. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2765
-CVE-2026-2797
+CVE-2026-2797 (Use-after-free in the JavaScript: GC component. This vulnerability aff ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2797
-CVE-2026-2796
+CVE-2026-2796 (JIT miscompilation in the JavaScript: WebAssembly component. This vuln ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2796
-CVE-2026-2764
+CVE-2026-2764 (JIT miscompilation, use-after-free in the JavaScript Engine: JIT compo ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2764
-CVE-2026-2763
+CVE-2026-2763 (Use-after-free in the JavaScript Engine component. This vulnerability ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2763
-CVE-2026-2762
+CVE-2026-2762 (Integer overflow in the JavaScript: Standard Library component. This v ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2762
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2762
-CVE-2026-2761
+CVE-2026-2761 (Sandbox escape in the Graphics: WebRender component. This vulnerabilit ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2761
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2761
-CVE-2026-2760
+CVE-2026-2760 (Sandbox escape due to incorrect boundary conditions in the Graphics: W ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2760
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2760
-CVE-2026-2795
+CVE-2026-2795 (Use-after-free in the JavaScript: GC component. This vulnerability aff ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2795
-CVE-2026-2759
+CVE-2026-2759 (Incorrect boundary conditions in the Graphics: ImageLib component. Thi ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2759
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2759
-CVE-2026-2758
+CVE-2026-2758 (Use-after-free in the JavaScript: GC component. This vulnerability aff ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2758
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2758
-CVE-2026-2794
+CVE-2026-2794 (Information disclosure due to uninitialized memory in Firefox and Fire ...)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2794
-CVE-2026-2757
+CVE-2026-2757 (Incorrect boundary conditions in the WebRTC: Audio/Video component. Th ...)
- firefox <unfixed>
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2757
@@ -496,7 +644,7 @@ CVE-2026-24314 (Under certain conditions SAP S/4HANA (Manage Payment Media) allo
NOT-FOR-US: SAP
CVE-2026-23694 (Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin versions pr ...)
NOT-FOR-US: Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin
-CVE-2026-23693 (ElementsKit Lite (elementskit-lite) WordPress plugin versions prior to ...)
+CVE-2026-23693 (ElementsKit Elementor Addons \u2013 Advanced Widgets & Templates Addon ...)
NOT-FOR-US: WordPress plugin
CVE-2026-23521 (Versions of the Traccar open-source GPS tracking system up to and incl ...)
NOT-FOR-US: Traccar
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818abb10f08f299787847591abd68a0ee73040c4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818abb10f08f299787847591abd68a0ee73040c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260224/a7a30062/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list