[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 23 08:13:26 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8ed95651 by security tracker role at 2026-01-23T08:13:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,8 +1,216 @@
-CVE-2026-24117
+CVE-2026-24515 (In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy ...)
+ TODO: check
+CVE-2026-24342
+ REJECTED
+CVE-2026-24341
+ REJECTED
+CVE-2026-24340
+ REJECTED
+CVE-2026-24339
+ REJECTED
+CVE-2026-24338
+ REJECTED
+CVE-2026-24337
+ REJECTED
+CVE-2026-24336
+ REJECTED
+CVE-2026-24335
+ REJECTED
+CVE-2026-24334
+ REJECTED
+CVE-2026-24307 (Improper validation of specified type of input in M365 Copilot allows ...)
+ TODO: check
+CVE-2026-24306 (Improper access control in Azure Front Door (AFD) allows an unauthoriz ...)
+ TODO: check
+CVE-2026-24305 (Azure Entra ID Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2026-24304 (Improper access control in Azure Resource Manager allows an authorized ...)
+ TODO: check
+CVE-2026-24138 (FOG is a free open-source cloning/imaging/rescue suite/inventory manag ...)
+ TODO: check
+CVE-2026-24137 (sigstore framework is a common go library shared across sigstore servi ...)
+ TODO: check
+CVE-2026-24132 (Orval generates type-safe JS clients (TypeScript) from any valid OpenA ...)
+ TODO: check
+CVE-2026-24130 (Moonraker is a Python web server providing API access to Klipper 3D pr ...)
+ TODO: check
+CVE-2026-24129 (Runtipi is a Docker-based, personal homeserver orchestrator that facil ...)
+ TODO: check
+CVE-2026-24124 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+ TODO: check
+CVE-2026-24058 (Soft Serve is a self-hostable Git server for the command line. Version ...)
+ TODO: check
+CVE-2026-23988 (Rufus is a utility that helps format and create bootable USB flash dri ...)
+ TODO: check
+CVE-2026-21524 (Exposure of sensitive information to an unauthorized actor in Azure Da ...)
+ TODO: check
+CVE-2026-21521 (Improper neutralization of escape, meta, or control sequences in Copil ...)
+ TODO: check
+CVE-2026-21520 (Exposure of Sensitive Information to an Unauthorized Actor in Copilot ...)
+ TODO: check
+CVE-2026-21264 (Improper neutralization of input during web page generation ('cross-si ...)
+ TODO: check
+CVE-2026-21227 (Improper limitation of a pathname to a restricted directory ('path tra ...)
+ TODO: check
+CVE-2026-20912 (Gitea does not properly validate repository ownership when linking att ...)
+ TODO: check
+CVE-2026-20904 (Gitea does not properly validate ownership when toggling OpenID URI vi ...)
+ TODO: check
+CVE-2026-20897 (Gitea does not properly validate repository ownership when deleting Gi ...)
+ TODO: check
+CVE-2026-20888 (Gitea does not properly verify authorization when canceling scheduled ...)
+ TODO: check
+CVE-2026-20883 (Gitea's stopwatch API does not re-validate repository access permissio ...)
+ TODO: check
+CVE-2026-20800 (Gitea's notification API does not re-validate repository access permis ...)
+ TODO: check
+CVE-2026-20750 (Gitea does not properly validate project ownership in organization pro ...)
+ TODO: check
+CVE-2026-20736 (Gitea does not properly verify repository context when deleting attach ...)
+ TODO: check
+CVE-2026-20613 (The ArchiveReader.extractContents() function used by cctl image load a ...)
+ TODO: check
+CVE-2026-1201 (An Authorization Bypass Through User-Controlled Key vulnerability in H ...)
+ TODO: check
+CVE-2026-0927 (The KiviCare \u2013 Clinic & Patient Management System (EHR) plugin fo ...)
+ TODO: check
+CVE-2026-0798 (Gitea may send release notification emails for private repositories to ...)
+ TODO: check
+CVE-2026-0796 (ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0795 (ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0794 (ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vu ...)
+ TODO: check
+CVE-2026-0793 (ALGO 8180 IP Audio Alerter InformaCast Heap-based Buffer Overflow Remo ...)
+ TODO: check
+CVE-2026-0792 (ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Ov ...)
+ TODO: check
+CVE-2026-0791 (ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Over ...)
+ TODO: check
+CVE-2026-0790 (ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosur ...)
+ TODO: check
+CVE-2026-0789 (ALGO 8180 IP Audio Alerter Web UI Inclusion of Authentication Cookie i ...)
+ TODO: check
+CVE-2026-0788 (ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vuln ...)
+ TODO: check
+CVE-2026-0787 (ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution ...)
+ TODO: check
+CVE-2026-0786 (ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution ...)
+ TODO: check
+CVE-2026-0785 (ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution ...)
+ TODO: check
+CVE-2026-0784 (ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0783 (ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0782 (ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0781 (ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0780 (ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0779 (ALGO 8180 IP Audio Alerter Ping Command Injection Remote Code Executio ...)
+ TODO: check
+CVE-2026-0778 (Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code E ...)
+ TODO: check
+CVE-2026-0776 (Discord Client Uncontrolled Search Path Element Local Privilege Escala ...)
+ TODO: check
+CVE-2026-0775 (npm cli Incorrect Permission Assignment Local Privilege Escalation Vul ...)
+ TODO: check
+CVE-2026-0774 (WatchYourLAN Configuration Page Argument Injection Remote Code Executi ...)
+ TODO: check
+CVE-2026-0773 (Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Exec ...)
+ TODO: check
+CVE-2026-0772 (Langflow Disk Cache Deserialization of Untrusted Data Remote Code Exec ...)
+ TODO: check
+CVE-2026-0771 (Langflow PythonFunction Code Injection Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2026-0770 (Langflow exec_globals Inclusion of Functionality from Untrusted Contro ...)
+ TODO: check
+CVE-2026-0769 (Langflow eval_custom_component_code Eval Injection Remote Code Executi ...)
+ TODO: check
+CVE-2026-0768 (Langflow code Code Injection Remote Code Execution Vulnerability. This ...)
+ TODO: check
+CVE-2026-0767 (Open WebUI Cleartext Transmission of Credentials Information Disclosur ...)
+ TODO: check
+CVE-2026-0766 (Open WebUI load_tool_module_by_id Command Injection Remote Code Execut ...)
+ TODO: check
+CVE-2026-0765 (Open WebUI PIP install_frontmatter_requirements Command Injection Remo ...)
+ TODO: check
+CVE-2026-0764 (GPT Academic upload Deserialization of Untrusted Data Remote Code Exec ...)
+ TODO: check
+CVE-2026-0763 (GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrust ...)
+ TODO: check
+CVE-2026-0762 (GPT Academic stream_daas Deserialization of Untrusted Data Remote Code ...)
+ TODO: check
+CVE-2026-0761 (Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection R ...)
+ TODO: check
+CVE-2026-0760 (Foundation Agents MetaGPT deserialize_message Deserialization of Untru ...)
+ TODO: check
+CVE-2026-0759 (Katana Network Development Starter Kit executeCommand Command Injectio ...)
+ TODO: check
+CVE-2026-0758 (mcp-server-siri-shortcuts shortcutName Command Injection Privilege Esc ...)
+ TODO: check
+CVE-2026-0757 (MCP Manager for Claude Desktop execute-command Command Injection Sandb ...)
+ TODO: check
+CVE-2026-0756 (github-kanban-mcp-server execAsync Command Injection Remote Code Execu ...)
+ TODO: check
+CVE-2026-0755 (gemini-mcp-tool execAsync Command Injection Remote Code Execution Vuln ...)
+ TODO: check
+CVE-2026-0710 (A flaw was found in SIPp. A remote attacker could exploit this by send ...)
+ TODO: check
+CVE-2025-9290 (An authentication weakness was identified in Omada Controllers, Gatewa ...)
+ TODO: check
+CVE-2025-9289 (A Cross-Site Scripting (XSS) vulnerability was identified in a paramet ...)
+ TODO: check
+CVE-2025-67847 (A flaw was found in Moodle. An attacker with access to the restore int ...)
+ TODO: check
+CVE-2025-67652 (An attacker with access to the project file could use the exposed cre ...)
+ TODO: check
+CVE-2025-55705 (This vulnerability occurs when the system permits multiple simultaneou ...)
+ TODO: check
+CVE-2025-54816 (This vulnerability occurs when a WebSocket endpoint does not enforce ...)
+ TODO: check
+CVE-2025-53968 (This vulnerability arises because there are no limitations on the numb ...)
+ TODO: check
+CVE-2025-25051 (An attacker could decrypt sensitive data, impersonate legitimate users ...)
+ TODO: check
+CVE-2025-22234 (The fix applied in CVE-2025-22228 inadvertently broke the timing attac ...)
+ TODO: check
+CVE-2025-15522 (The Uncanny Automator \u2013 Easy Automation, Integration, Webhooks & ...)
+ TODO: check
+CVE-2025-15351 (Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data ...)
+ TODO: check
+CVE-2025-15350 (Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data ...)
+ TODO: check
+CVE-2025-15349 (Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerabil ...)
+ TODO: check
+CVE-2025-15348 (Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data R ...)
+ TODO: check
+CVE-2025-15063 (Ollama MCP Server execAsync Command Injection Remote Code Execution Vu ...)
+ TODO: check
+CVE-2025-15062 (Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution ...)
+ TODO: check
+CVE-2025-15061 (Framelink Figma MCP Server fetchWithRetry Command Injection Remote Cod ...)
+ TODO: check
+CVE-2025-15059 (GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution ...)
+ TODO: check
+CVE-2025-14751 (A low-privileged user can bypass account credentials without confirmin ...)
+ TODO: check
+CVE-2025-14750 (The web application does not sufficiently verify inputs that are assum ...)
+ TODO: check
+CVE-2025-14745 (The RSS Aggregator \u2013 RSS Import, News Feeds, Feed to Post, and Au ...)
+ TODO: check
+CVE-2025-14069 (The Schema & Structured Data for WP & AMP plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2024-11976 (The The BuddyPress plugin for WordPress is vulnerable to arbitrary sho ...)
+ TODO: check
+CVE-2026-24117 (Rekor is a software supply chain transparency log. In versions 1.4.3 a ...)
- rekor <unfixed>
NOTE: https://github.com/sigstore/rekor/security/advisories/GHSA-4c4x-jm2x-pf9j
NOTE: Fixed by: https://github.com/sigstore/rekor/commit/60ef2bceba192c5bf9327d003bceea8bf1f8275f (v1.5.0)
-CVE-2026-23831
+CVE-2026-23831 (Rekor is a software supply chain transparency log. In versions 1.4.3 a ...)
- rekor <unfixed>
NOTE: https://github.com/sigstore/rekor/security/advisories/GHSA-273p-m2cw-6833
NOTE: Fixed by: https://github.com/sigstore/rekor/commit/39bae3d192bce48ef4ef2cbd1788fb5770fee8cd (v1.5.0)
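Review bot: several of the new `TODO: check` entries in this hunk name software that Debian ships as a source package, and those deserve triage before the rest: CVE-2026-24515 (libexpat before 2.7.4, which is the `expat` source package), CVE-2025-15059 (GIMP PSP file parsing), CVE-2026-0710 (SIPp) and CVE-2026-0775 (npm cli); each should become a `- <package> <version>` line or a `NOT-FOR-US:`/`<not-affected>` marker rather than staying at the generic placeholder. The remaining changes in the hunk are consistent: the ten consecutive `REJECTED` entries (CVE-2026-24342 through CVE-2026-24334) carry only the marker, and the two Rekor entries (CVE-2026-24117, CVE-2026-23831) keep their `- rekor <unfixed>` lines and distinct GHSA and fix-commit NOTEs while gaining the official description, so nothing from the earlier state is lost there.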
@@ -919,11 +1127,11 @@ CVE-2023-32719
REJECTED
CVE-2023-32718
REJECTED
-CVE-2026-23954 [Container image templating arbitrary host file read and write]
+CVE-2026-23954 (Incus is a system container and virtual machine manager. Versions 6.21 ...)
- incus 6.0.5-8
- lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-7f67-crqm-jgh7
-CVE-2026-23953 [Container environment configuration newline injection]
+CVE-2026-23953 (Incus is a system container and virtual machine manager. In versions 6 ...)
- incus 6.0.5-8
- lxd <removed>
NOTE: https://github.com/lxc/incus/security/advisories/GHSA-x6jc-phwx-hp32
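Review bot: the bracketed working titles being replaced here ("Container image templating arbitrary host file read and write" for CVE-2026-23954 and "Container environment configuration newline injection" for CVE-2026-23953) are more informative than the generic truncated descriptions that replace them, which only say "Incus is a system container and virtual machine manager. Versions 6.21 ...". Since the fixed version `incus 6.0.5-8` and the GHSA NOTE lines are unchanged, consider preserving the lost detail as an extra `NOTE:` line under each entry so the file still tells a reader what the issue is without following the advisory link.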
@@ -1123,7 +1331,7 @@ CVE-2026-1200
- liblivemedia <removed>
CVE-2026-1190
- keycloak <itp> (bug #1088287)
-CVE-2026-0603
+CVE-2026-0603 (A flaw was found in Hibernate. A remote attacker with low privileges c ...)
NOT-FOR-US: Hibernate Core
CVE-2026-1102 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
- gitlab <unfixed>
@@ -1432,6 +1640,7 @@ CVE-2026-24061 (telnetd in GNU Inetutils through 2.7 allows remote authenticatio
NOTE: Fixed by: https://codeberg.org/inetutils/inetutils/commit/fd702c02497b2f398e739e3119bed0b23dd7aa7b
NOTE: Fixed by: https://codeberg.org/inetutils/inetutils/commit/ccba9f748aa8d50a38d7748e2e60362edd6a32cc
CVE-2026-1220
+ {DSA-6108-1}
- chromium 144.0.7559.96-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-22844 (A Command Injection vulnerability in Zoom Node Multimedia Routers (MMR ...)
@@ -3010,7 +3219,8 @@ CVE-2021-47762 (HTTPDebuggerPro 9.11 contains an unquoted service path vulnerabi
NOT-FOR-US: HTTPDebuggerPro
CVE-2021-47761 (MilleGPG5 5.7.2 contains a local privilege escalation vulnerability th ...)
NOT-FOR-US: MilleGPG5
-CVE-2021-47760 (TestLink versions 1.16 through 1.19 contain an unauthenticated file do ...)
+CVE-2021-47760
+ REJECTED
NOT-FOR-US: TestLink
CVE-2021-47759 (MTPutty 1.0.1.21 contains a sensitive information disclosure vulnerabi ...)
NOT-FOR-US: MTPutty
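Review bot: CVE-2021-47760 is switched to `REJECTED` but the trailing `NOT-FOR-US: TestLink` line is kept, which is inconsistent with how rejected entries appear elsewhere in this file (CVE-2023-32719 and CVE-2023-32718 in an earlier hunk's context, and the batch of CVE-2026-243xx entries, carry only the `REJECTED` marker). Suggest dropping the stale `NOT-FOR-US:` line so the entry reads as the two lines `CVE-2021-47760` / ` REJECTED`.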
@@ -5970,7 +6180,7 @@ CVE-2026-21682 (iccDEV provides a set of libraries and tools that allow for the
CVE-2026-21681 (iccDEV provides a set of libraries and tools that allow for the intera ...)
NOT-FOR-US: iccDEV
CVE-2026-21441 (urllib3 is an HTTP client library for Python. urllib3's streaming API ...)
- {DSA-6102-1}
+ {DSA-6102-2 DSA-6102-1 DLA-4446-1}
- python-urllib3 2.5.0-2 (bug #1125062)
NOTE: https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
NOTE: https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b (2.6.3)
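Review bot: the DSA list for CVE-2026-21441 grows to `{DSA-6102-2 DSA-6102-1 DLA-4446-1}`, and a `-2` advisory in Debian numbering is a follow-up to the original DSA, yet the entry's NOTE lines only reference the upstream GHSA and fix commit. Suggest adding a `NOTE:` line stating what DSA-6102-2 corrects relative to DSA-6102-1 (as the ppp entry CVE-2024-58250 does for its behavioural caveat), so the reason for the second advisory is recorded in the tracker rather than only in the announcement.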
@@ -38980,7 +39190,7 @@ CVE-2025-11189 (The Kiwire Captive Portal contains a reflected cross-site script
NOT-FOR-US: Kiwire Captive Portal
CVE-2025-11188 (The Kiwire Captive Portal contains a blind SQL injection in the nas-id ...)
NOT-FOR-US: Kiwire Captive Portal
-CVE-2025-11002
+CVE-2025-11002 (7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulne ...)
- 7zip 25.00+dfsg-1
[trixie] - 7zip 25.01+dfsg-1~deb13u1
[bookworm] - 7zip <no-dsa> (Minor issue)
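Review bot: now that CVE-2025-11002 carries the public description "7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulne ...", the unchanged `[bookworm] - 7zip <no-dsa> (Minor issue)` annotation reads as under-stated for an issue whose title claims remote code execution via directory traversal. Suggest re-checking the bookworm severity rationale against the full description and adding a `NOTE:` line with the upstream or ZDI reference that justifies keeping it as `no-dsa`, since the entry currently has no reference at all and the trixie fix `7zip 25.01+dfsg-1~deb13u1` shows the issue was considered worth a stable update there.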
@@ -95561,7 +95771,7 @@ CVE-2024-58250 (The passprompt plugin in pppd in ppp before 2.5.2 mishandles pri
NOTE: Fixed by: https://github.com/ppp-project/ppp/commit/0a66ad22e54c72690ec2a29a019767c55c5281fc (v2.5.2)
NOTE: Fix removes the passprompt plugin (can be replaced using passwordfd plugin, may break existing
NOTE: configurations)
-CVE-2025-3839 [Require user interaction before opening URL in external application]
+CVE-2025-3839 (A flaw was found in Epiphany, a tool that allows websites to open exte ...)
- epiphany-browser 48.1-1
[bookworm] - epiphany-browser <no-dsa> (Minor issue)
[bullseye] - epiphany-browser <postponed> (Minor issue)
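Review bot: as with the Incus entries, the bracketed working title "Require user interaction before opening URL in external application" for CVE-2025-3839 is replaced by a truncated description ("A flaw was found in Epiphany, a tool that allows websites to open exte ...") that drops the concrete behaviour being fixed, and this entry has no `NOTE:` line pointing at an upstream issue or commit. Suggest adding a `NOTE:` line with the upstream reference and the original summary so that the `epiphany-browser 48.1-1` fix and the bookworm/bullseye `Minor issue` assessments remain traceable.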
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ed9565187c4b75fe5a9e9e9f012d818181ad8a1