[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Jan 8 20:10:36 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5fe3698b by Moritz Muehlenhoff at 2026-01-08T21:10:16+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -36,15 +36,15 @@ CVE-2026-22035 (Greenshot is an open source Windows screenshot utility. Versions
 CVE-2026-21883 (Bokeh is an interactive visualization library written in Python. In ve ...)
 	- python-bokeh <itp> (bug #756017)
 CVE-2026-21881 (Kanboard is project management software focused on Kanban methodology. ...)
-	- kanboard <unfixed>
+	- kanboard <unfixed> (bug #1125061)
 	NOTE: https://github.com/kanboard/kanboard/security/advisories/GHSA-wwpf-3j4p-739w
 	NOTE: https://github.com/kanboard/kanboard/commit/7af6143e2ad25b5c15549cca8af4341c7ac4e2fc (v1.2.49)
 CVE-2026-21880 (Kanboard is project management software focused on Kanban methodology. ...)
-	- kanboard <unfixed>
+	- kanboard <unfixed> (bug #1125061)
 	NOTE: https://github.com/kanboard/kanboard/security/advisories/GHSA-v66r-m28r-wmq7
 	NOTE: https://github.com/kanboard/kanboard/commit/dd374079f7c2d1dab74c1680960e684ff8668586 (v1.2.49)
 CVE-2026-21879 (Kanboard is project management software focused on Kanban methodology. ...)
-	- kanboard <unfixed>
+	- kanboard <unfixed> (bug #1125061)
 	NOTE: https://github.com/kanboard/kanboard/security/advisories/GHSA-mhv9-7m9w-7hcq
 	NOTE: https://github.com/kanboard/kanboard/commit/93bcae03301a6d34185a8dba977417e6b3de519f (v1.2.49)
 CVE-2026-21877 (n8n is an open source workflow automation platform. In versions 0.121. ...)
@@ -52,7 +52,7 @@ CVE-2026-21877 (n8n is an open source workflow automation platform. In versions
 CVE-2026-21875 (ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 ...)
 	NOT-FOR-US: ClipBucket
 CVE-2026-21869 (llama.cpp is an inference of several LLM models in C/C++. In commits 5 ...)
-	- llama.cpp <unfixed>
+	- llama.cpp <unfixed> (bug #1125060)
 	NOTE: https://github.com/ggml-org/llama.cpp/security/advisories/GHSA-8947-pfff-2f3c
 CVE-2026-21868 (Flag Forge is a Capture The Flag (CTF) platform. Versions 2.3.2 and be ...)
 	NOT-FOR-US: Flag Forge
@@ -97,7 +97,7 @@ CVE-2026-21682 (iccDEV provides a set of libraries and tools that allow for the
 CVE-2026-21681 (iccDEV provides a set of libraries and tools that allow for the intera ...)
 	NOT-FOR-US: iccDEV
 CVE-2026-21441 (urllib3 is an HTTP client library for Python. urllib3's streaming API  ...)
-	- python-urllib3 <unfixed>
+	- python-urllib3 <unfixed> (bug #1125062)
 	NOTE: https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
 	NOTE: https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b (2.6.3)
 CVE-2026-21427 (The installers for multiple products provided by PIONEER CORPORATION c ...)
@@ -139,7 +139,7 @@ CVE-2025-14275 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stor
 CVE-2025-13679 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-13151 (Stack-based buffer overflow in libtasn1 version: v4.20.0. The function ...)
-	- libtasn1-6 <unfixed>
+	- libtasn1-6 <unfixed> (bug #1125063)
 	NOTE: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121
 CVE-2025-12776 (The Report Builder component of the application stores user input dire ...)
 	NOT-FOR-US: Commvault
@@ -449,7 +449,7 @@ CVE-2025-13418 (The Responsive Pricing Table plugin for WordPress is vulnerable
 CVE-2025-12958 (The Rankology SEO and Analytics Tool plugin for WordPress is vulnerabl ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12543 (A flaw was found in the Undertow HTTP server core, which is used in Wi ...)
-	- undertow <unfixed>
+	- undertow <unfixed> (bug #1125059)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2408784
 CVE-2025-12540 (The ShareThis Dashboard for Google Analytics plugin for WordPress is v ...)
 	NOT-FOR-US: WordPress plugin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fe3698bc5212eeff1cfab701ae4d4edf4b2dd3e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fe3698bc5212eeff1cfab701ae4d4edf4b2dd3e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260108/caaeb012/attachment.htm>

More information about the debian-security-tracker-commits mailing list