[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41570

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 1 08:51:14 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0c169cae by Salvatore Bonaccorso at 2026-06-01T09:50:29+02:00
Update status for CVE-2026-41570

Thanks: David Prévot

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14201,9 +14201,10 @@ CVE-2026-41575 (In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-
 CVE-2026-41574 (Nhost is an open source Firebase alternative with GraphQL. Prior to ve ...)
 	NOT-FOR-US: Nhost
 CVE-2026-41570 (PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5 ...)
-	- phpunit <unfixed>
+	- phpunit <not-affected> (Vulnerable code not present in a Debian released version in unstable)
 	NOTE: https://github.com/sebastianbergmann/phpunit/security/advisories/GHSA-qrr6-mg7r-m243
-	NOTE: https://github.com/sebastianbergmann/phpunit/pull/6592
+	NOTE: Introduced by: https://github.com/sebastianbergmann/phpunit/issues/5860 (12.5.21, 13.1.5)
+	NOTE: Fixed by: https://github.com/sebastianbergmann/phpunit/pull/6592 (12.5.22, 13.1.6)
 CVE-2026-41524 (Brave CMS is an open-source CMS. Prior to commit 6c56603, page and art ...)
 	NOT-FOR-US: Brave CMS
 CVE-2026-41512 (ai-scanner is an AI model safety scanner built on NVIDIA garak. From v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c169cae95eea7133ffc21b1b45b491431aeaea4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c169cae95eea7133ffc21b1b45b491431aeaea4
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260601/74df061e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list