[Git][security-tracker-team/security-tracker][master] Add CVE-2026-56774/kanboard

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 25 21:18:26 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b1d6daf4 by Salvatore Bonaccorso at 2026-06-25T22:18:07+02:00
Add CVE-2026-56774/kanboard

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -121,7 +121,10 @@ CVE-2026-56786 (RTKLIB through 2.4.3 contains an out-of-bounds write vulnerabili
 CVE-2026-56779 (MaxKB before 2.10.0 contains a server-side request forgery vulnerabili ...)
 	NOT-FOR-US: MaxKB
 CVE-2026-56774 (Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController:: ...)
-	TODO: check
+	- kanboard <unfixed>
+	NOTE: https://github.com/kanboard/kanboard/issues/5829
+	NOTE: https://github.com/kanboard/kanboard/pull/5831
+	NOTE: Fixed by: https://github.com/kanboard/kanboard/commit/928c68aa2b7c00092dd71084d329b912e229f3d1
 CVE-2026-56772 (NewsBlur before 14.5.0 contains a broken access control vulnerability  ...)
 	NOT-FOR-US: NewsBlur
 CVE-2026-56771 (NewsBlur before version 14.5.0 contains a server-side request forgery  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1d6daf44d9a948173ef43ff99cc4536a243f359

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1d6daf44d9a948173ef43ff99cc4536a243f359
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260625/a9428084/attachment.htm>


More information about the debian-security-tracker-commits mailing list