[Git][security-tracker-team/security-tracker][master] Add CVE-2026-57918/libnfs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 26 20:33:12 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3de0f28a by Salvatore Bonaccorso at 2026-06-26T21:32:52+02:00
Add CVE-2026-57918/libnfs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26,7 +26,8 @@ CVE-2026-57921 (In JetBrains YouTrack before 2026.2.16593 improper access contro
 CVE-2026-57920 (Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a s ...)
 	NOT-FOR-US: Peplink InControl
 CVE-2026-57918 (libnfs through 6.0.2 before 935b8db has an xid integer underflow in RE ...)
-	TODO: check
+	- libnfs <unfixed>
+	NOTE: https://github.com/sahlberg/libnfs/commit/935b8db712b3c6649bc57ddc276526c4a31680de
 CVE-2026-57915 (It is possible to bypass the Kerberos pre-authentication check in Apac ...)
 	TODO: check
 CVE-2026-57914 (By sending a deeply nested ASN1 structure to a Apache Kerby client or  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3de0f28aa88a61711f3e543ffbd6c9ce8efde1ce

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3de0f28aa88a61711f3e543ffbd6c9ce8efde1ce
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260626/8851b498/attachment.htm>


More information about the debian-security-tracker-commits mailing list