[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 19 08:12:32 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
484c63a9 by security tracker role at 2026-01-19T08:12:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,50 @@
-CVE-2026-0943
+CVE-2026-23829 (Mailpit is an email testing tool and API for developers. Prior to vers ...)
+	TODO: check
+CVE-2026-23733 (LobeChat is an open source chat application platform. Prior to version ...)
+	TODO: check
+CVE-2026-23644 (esm.sh is a no-build content delivery network (CDN) for web developmen ...)
+	TODO: check
+CVE-2026-23626 (Kimai is a web-based multi-user time-tracking application. Prior to ve ...)
+	TODO: check
+CVE-2026-23525 (1Panel is an open-source, web-based control panel for Linux server man ...)
+	TODO: check
+CVE-2026-1144 (A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affec ...)
+	TODO: check
+CVE-2026-1143 (A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B2020051 ...)
+	TODO: check
+CVE-2026-1142 (A security flaw has been discovered in PHPGurukul News Portal 1.0. The ...)
+	TODO: check
+CVE-2026-1141 (A vulnerability was identified in PHPGurukul News Portal 1.0. The affe ...)
+	TODO: check
+CVE-2026-1140 (A vulnerability was found in UTT \u8fdb\u53d6 520W 1.7.7-180627. This  ...)
+	TODO: check
+CVE-2026-1139 (A vulnerability has been found in UTT \u8fdb\u53d6 520W 1.7.7-180627.  ...)
+	TODO: check
+CVE-2026-1138 (A flaw has been found in UTT \u8fdb\u53d6 520W 1.7.7-180627. This affe ...)
+	TODO: check
+CVE-2026-1137 (A vulnerability was detected in UTT \u8fdb\u53d6 520W 1.7.7-180627. Af ...)
+	TODO: check
+CVE-2026-1136 (A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c8 ...)
+	TODO: check
+CVE-2026-1135 (A security flaw has been discovered in itsourcecode Society Management ...)
+	TODO: check
+CVE-2026-1134 (A vulnerability was identified in itsourcecode Society Management Syst ...)
+	TODO: check
+CVE-2026-1133 (A vulnerability was determined in Yonyou KSOA 9.0. The impacted elemen ...)
+	TODO: check
+CVE-2026-1132 (A vulnerability was found in Yonyou KSOA 9.0. The affected element is  ...)
+	TODO: check
+CVE-2026-1131 (A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unkn ...)
+	TODO: check
+CVE-2026-1130 (A flaw has been found in Yonyou KSOA 9.0. This issue affects some unkn ...)
+	TODO: check
+CVE-2026-1129 (A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability af ...)
+	TODO: check
+CVE-2025-15539 (A vulnerability was determined in Open5GS up to 2.7.6. Impacted is the ...)
+	TODO: check
+CVE-2025-15538 (A security vulnerability has been detected in Open Asset Import Librar ...)
+	TODO: check
+CVE-2026-0943 (HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled lib ...)
 	- libharfbuzz-shaper-perl <not-affected> (Vulnerable code not present)
 	NOTE: Debian packaging HarfBuzz strips sources from upstream tarball since initial
 	NOTE: upload to the archive.
@@ -5301,12 +5347,14 @@ CVE-2025-69414 (Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of
 CVE-2025-69284 (Plane is an an open-source project management tool. In plane.io, a gue ...)
 	NOT-FOR-US: Plane
 CVE-2025-67269 (An integer underflow vulnerability exists in the `nextstate()` functio ...)
+	{DLA-4441-1}
 	- gpsd <unfixed> (bug #1124799)
 	[trixie] - gpsd <no-dsa> (Minor issue)
 	[bookworm] - gpsd <no-dsa> (Minor issue)
 	NOTE: https://github.com/Jaenact/gspd_cve/blob/main/CVE-2025-67269/README.md
 	NOTE: Fixed by: https://gitlab.com/gpsd/gpsd/-/commit/ffa1d6f40bca0b035fc7f5e563160ebb67199da7 (release-3.27.1)
 CVE-2025-67268 (gpsd before commit dc966aa contains a heap-based out-of-bounds write v ...)
+	{DLA-4441-1}
 	- gpsd <unfixed> (bug #1124800)
 	[trixie] - gpsd <no-dsa> (Minor issue)
 	[bookworm] - gpsd <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/484c63a9663a1ce798285412098c51fd8cd287d9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/484c63a9663a1ce798285412098c51fd8cd287d9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260119/fb28c586/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list