[Git][security-tracker-team/security-tracker][master] Add new caddy issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 24 09:38:47 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
93216a06 by Salvatore Bonaccorso at 2026-06-24T10:38:21+02:00
Add new caddy issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -605,11 +605,14 @@ CVE-2026-53753 (Crawl4AI is an open-source LLM friendly web crawler & scraper. P
 CVE-2026-53662 (immich is a high performance self-hosted photo and video management so ...)
 	NOT-FOR-US: immich
 CVE-2026-52846 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
-	TODO: check
+	- caddy <unfixed>
+	NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-vcc4-2c75-vc9v
 CVE-2026-52845 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
-	TODO: check
+	- caddy <unfixed>
+	NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-f59h-q822-g45g
 CVE-2026-52844 (Caddy is an extensible server platform that uses TLS by default. Prior ...)
-	TODO: check
+	- caddy <unfixed>
+	NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-qrp7-cvwr-j2c6
 CVE-2026-52673 (SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remo ...)
 	NOT-FOR-US: Cboard
 CVE-2026-50574 (yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09,  ...)
@@ -649,9 +652,11 @@ CVE-2026-48519 (Langflow is a tool for building and deploying AI-powered agents
 CVE-2026-45732 (n8n is an open source workflow automation platform. Prior to 1.123.43, ...)
 	NOT-FOR-US: n8n
 CVE-2026-45692 (Caddy is an extensible server platform that uses TLS by default. From  ...)
-	TODO: check
+	- caddy <unfixed>
+	NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-x5w9-xh9r-mvfc
 CVE-2026-45135 (Caddy is an extensible server platform that uses TLS by default. From  ...)
-	TODO: check
+	- caddy <unfixed>
+	NOTE: https://github.com/caddyserver/caddy/security/advisories/GHSA-m675-2p33-xv9g
 CVE-2026-44792 (n8n is an open source workflow automation platform. Prior to 1.123.43, ...)
 	NOT-FOR-US: n8n
 CVE-2026-44791 (n8n is an open source workflow automation platform. Prior to 1.123.43, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93216a069e3a1d73ff85e7b823eae0bc31398261

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93216a069e3a1d73ff85e7b823eae0bc31398261
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260624/00dbf153/attachment.htm>


More information about the debian-security-tracker-commits mailing list