[Git][security-tracker-team/security-tracker][master] Add CVE-2026-48990/joserfc
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 18 09:51:30 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
07f9a85d by Salvatore Bonaccorso at 2026-06-18T10:51:08+02:00
Add CVE-2026-48990/joserfc
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -63,7 +63,8 @@ CVE-2026-48997 (e107 is a content management system (CMS). Versions 2.3.5 and e
CVE-2026-48991 (XianYuLauncher is a Minecraft Java Edition launcher. In versions prior ...)
NOT-FOR-US: XianYuLauncher
CVE-2026-48990 (joserfc is a Python library that provides an implementation of several ...)
- TODO: check
+ - joserfc 1.6.8-1
+ NOTE: https://github.com/authlib/joserfc/security/advisories/GHSA-wphv-vfrh-23q5
CVE-2026-48989 (Windows-MCP is an open-source project that integrates AI agents with W ...)
NOT-FOR-US: Windows-MCP
CVE-2026-48988 (markdown-it is a Markdown parser. Versions 14.1.1 and below contain a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07f9a85d8ce27fc98493134db9c011ebf41c988b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07f9a85d8ce27fc98493134db9c011ebf41c988b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260618/5858c0bb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list