[Git][security-tracker-team/security-tracker][master] Add CVE-2026-55599/phpseclib

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 23 11:59:21 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4aa6c5f4 by Salvatore Bonaccorso at 2026-06-23T12:58:55+02:00
Add CVE-2026-55599/phpseclib

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55,7 +55,10 @@ CVE-2026-55653 (A flaw was found in OpenSSH. A malicious SSH server can exploit
 CVE-2026-55603 (http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 unt ...)
 	NOT-FOR-US: http-proxy-middleware Node.js module
 CVE-2026-55599 (phpseclib is a PHP secure communications library. From 0.1.1 until 1.0 ...)
-	TODO: check
+	- php-phpseclib3 3.0.55-1
+	- php-phpseclib 2.0.55-1
+	- phpseclib 1.0.30-1
+	NOTE: https://github.com/phpseclib/phpseclib/security/advisories/GHSA-m557-wrgg-6rp4
 CVE-2026-55409 (Filament is a collection of full-stack components for accelerated Lara ...)
 	NOT-FOR-US: Filament
 CVE-2026-54911 (UltraJSON is a fast JSON encoder and decoder written in pure C with bi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4aa6c5f4400a18fcad06c9ed247e43b0da91618e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4aa6c5f4400a18fcad06c9ed247e43b0da91618e
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260623/21e4c8e0/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list