[Git][security-tracker-team/security-tracker][master] Add two libusb-1.0 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 1 07:02:48 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
707615c6 by Salvatore Bonaccorso at 2026-06-01T08:02:17+02:00
Add two libusb-1.0 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2896,7 +2896,10 @@ CVE-2026-47119 (Agent Zero before version 1.15 contains a stored cross-site scri
 CVE-2026-47118 (Agent Zero before version 1.15 contains a path traversal vulnerability ...)
 	NOT-FOR-US: Agent Zero
 CVE-2026-47104 (libusb before version 1.0.30 contains a one-byte out-of-bounds read vu ...)
-	TODO: check
+	- libusb-1.0 2:1.0.30-1
+	NOTE: https://github.com/libusb/libusb/issues/1813
+	NOTE: https://github.com/libusb/libusb/pull/1814
+	NOTE: https://github.com/libusb/libusb/commit/bc0886173ea15b8cc9bba2918f58a97a7f185231 (v1.0.30-rc2)
 CVE-2026-46427 (Budibase is an open-source low-code platform. Prior to 3.38.3, removeS ...)
 	NOT-FOR-US: Budibase
 CVE-2026-46426 (Budibase is an open-source low-code platform. Prior to 3.38.2, the fil ...)
@@ -3291,7 +3294,10 @@ CVE-2026-2237 (A use of get request method with sensitive query strings vulnerab
 CVE-2026-2030 (The WPBakery Page Builder Addons by Livemesh plugin for WordPress is v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-23679 (libusb before version 1.0.30 contains a NULL pointer dereference vulne ...)
-	TODO: check
+	- libusb-1.0 2:1.0.30-1
+	NOTE: https://github.com/libusb/libusb/issues/1813
+	NOTE: https://github.com/libusb/libusb/pull/1814
+	NOTE: https://github.com/libusb/libusb/commit/bc0886173ea15b8cc9bba2918f58a97a7f185231 (v1.0.30-rc2)
 CVE-2026-1718 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable ...)
 	NOT-FOR-US: IBM
 CVE-2026-1402 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/707615c6d81108aa0dc5baae01639bd909709b60

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/707615c6d81108aa0dc5baae01639bd909709b60
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260601/9dca24ce/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list