[Git][security-tracker-team/security-tracker][master] NFU Apache Kvrocks

Henri Salo (@hsalo-guest) gitlab at salsa.debian.org
Thu Jun 25 10:52:52 BST 2026



Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
726a4d66 by Henri Salo at 2026-06-25T12:52:40+03:00
NFU Apache Kvrocks

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3968,6 +3968,8 @@ CVE-2026-54419 (claudiopizzillo PIAF-HMS (PBX-In-A-Flash Hotel Management System
 	NOT-FOR-US: PBX-In-A-Flash Hotel Management System
 CVE-2026-54390 (JTL Shop versions 5.2.0 through 5.7.1 contains a server-side template  ...)
 	NOT-FOR-US: JTL Shop
+CVE-2026-54226
+	NOT-FOR-US: Apache Kvrocks
 CVE-2026-54224 (UBB.threads is vulnerable to Denial of Service (DoS). By sending multi ...)
 	NOT-FOR-US: UBB.threads
 CVE-2026-54223 (UBB.threads is vulnerable to Path traversal, allowing attackers with p ...)
@@ -12223,6 +12225,8 @@ CVE-2026-41567 (Moby is an open source container framework. In versions prior to
 	- docker.io 28.5.2+dfsg4-3 (bug #1139965)
 	NOTE: https://github.com/moby/moby/security/advisories/GHSA-x86f-5xw2-fm2r
 	NOTE: Fixed by: https://github.com/moby/moby/commit/2022313ffe5a8c04890b5295bc52670ee6df8070 (docker-v29.5.1)
+CVE-2026-41566
+	NOT-FOR-US: Apache Kvrocks
 CVE-2026-41522 (Iris is a web collaborative platform that helps incident responders sh ...)
 	NOT-FOR-US: DFIR-IRIS
 CVE-2026-41518 (Chartbrew is an open-source web application that can connect directly  ...)
@@ -25128,6 +25132,8 @@ CVE-2026-45442 (Missing Authorization vulnerability in Brainstorm Force Presto P
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45434 (Improper Authentication vulnerability in Apache OFBiz via Password-Cha ...)
 	NOT-FOR-US: Apache software not packaged in Debian
+CVE-2026-45188
+	NOT-FOR-US: Apache Kvrocks
 CVE-2026-45187 (Improper Authorization vulnerability in Apache OFBiz Webtools.  This i ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-44408 (There is an unauthorized access vulnerability in ZTE MU5250. Due to im ...)
@@ -60232,6 +60238,10 @@ CVE-2026-4676 (Use after free in Dawn in Google Chrome prior to 146.0.7680.165 a
 	{DSA-6177-1}
 	- chromium 146.0.7680.164-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
+CVE-2026-46752
+	NOT-FOR-US: Apache Kvrocks
+CVE-2026-46751
+	NOT-FOR-US: Apache Kvrocks
 CVE-2026-4675 (Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 ...)
 	{DSA-6177-1}
 	- chromium 146.0.7680.164-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726a4d664b1f13d42ad0ecca6bb89d6ad47b3bad

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726a4d664b1f13d42ad0ecca6bb89d6ad47b3bad
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260625/11e5301d/attachment.htm>


More information about the debian-security-tracker-commits mailing list