[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Mar 7 20:13:20 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b098721f by security tracker role at 2026-03-07T20:13:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,101 @@
+CVE-2026-3670 (A vulnerability was detected in Freedom Factory dGEN1 up to 20260221.  ...)
+	TODO: check
+CVE-2026-3669 (A security vulnerability has been detected in Freedom Factory dGEN1 up ...)
+	TODO: check
+CVE-2026-3668 (A weakness has been identified in Freedom Factory dGEN1 up to 20260221 ...)
+	TODO: check
+CVE-2026-3667 (A security flaw has been discovered in Freedom Factory dGEN1 up to 202 ...)
+	TODO: check
+CVE-2026-3665 (A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The ...)
+	TODO: check
+CVE-2026-3664 (A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Imp ...)
+	TODO: check
+CVE-2026-3663 (A vulnerability was found in xlnt-community xlnt up to 1.6.1. This iss ...)
+	TODO: check
+CVE-2026-3662 (A vulnerability has been found in Wavlink WL-NU516U1 240425. This vuln ...)
+	TODO: check
+CVE-2026-3661 (A flaw has been found in Wavlink WL-NU516U1 240425. This affects the f ...)
+	TODO: check
+CVE-2026-30863 (Parse Server is an open source backend that can be deployed to any inf ...)
+	TODO: check
+CVE-2026-30861 (WeKnora is an LLM-powered framework designed for deep document underst ...)
+	TODO: check
+CVE-2026-30860 (WeKnora is an LLM-powered framework designed for deep document underst ...)
+	TODO: check
+CVE-2026-30859 (WeKnora is an LLM-powered framework designed for deep document underst ...)
+	TODO: check
+CVE-2026-30858 (WeKnora is an LLM-powered framework designed for deep document underst ...)
+	TODO: check
+CVE-2026-30857 (WeKnora is an LLM-powered framework designed for deep document underst ...)
+	TODO: check
+CVE-2026-30856 (WeKnora is an LLM-powered framework designed for deep document underst ...)
+	TODO: check
+CVE-2026-30855 (WeKnora is an LLM-powered framework designed for deep document underst ...)
+	TODO: check
+CVE-2026-30854 (Parse Server is an open source backend that can be deployed to any inf ...)
+	TODO: check
+CVE-2026-30852 (Caddy is an extensible server platform that uses TLS by default. From  ...)
+	TODO: check
+CVE-2026-30851 (Caddy is an extensible server platform that uses TLS by default. From  ...)
+	TODO: check
+CVE-2026-30850 (Parse Server is an open source backend that can be deployed to any inf ...)
+	TODO: check
+CVE-2026-30848 (Parse Server is an open source backend that can be deployed to any inf ...)
+	TODO: check
+CVE-2026-30838 (league/commonmark is a PHP Markdown parser. Prior to version 2.8.1, th ...)
+	TODO: check
+CVE-2026-30834 (PinchTab is a standalone HTTP server that gives AI agents direct contr ...)
+	TODO: check
+CVE-2026-30832 (Soft Serve is a self-hostable Git server for the command line. From ve ...)
+	TODO: check
+CVE-2026-2671 (A vulnerability was detected in Mendi Neurofeedback Headset V4. Affect ...)
+	TODO: check
+CVE-2026-29787 (mcp-memory-service is an open-source memory backend for multi-agent sy ...)
+	TODO: check
+CVE-2026-29786 (node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10,  ...)
+	TODO: check
+CVE-2026-29784 (Ghost is a Node.js content management system. From version 5.101.6 to  ...)
+	TODO: check
+CVE-2026-29781 (Sliver is a command and control framework that uses a custom Wireguard ...)
+	TODO: check
+CVE-2026-29780 (eml_parser serves as a python module for parsing eml files and returni ...)
+	TODO: check
+CVE-2026-29779 (UptimeFlare is a serverless uptime monitoring & status page solution,  ...)
+	TODO: check
+CVE-2026-29778 (pyLoad is a free and open-source download manager written in Python. F ...)
+	TODO: check
+CVE-2026-29771 (Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /a ...)
+	TODO: check
+CVE-2026-29196 (Netmaker makes networks with WireGuard. Prior to version 1.5.0, a user ...)
+	TODO: check
+CVE-2026-29195 (Netmaker makes networks with WireGuard. Prior to version 1.5.0, the us ...)
+	TODO: check
+CVE-2026-29194 (Netmaker makes networks with WireGuard. Prior to version 1.5.0, the Au ...)
+	TODO: check
+CVE-2026-29193 (ZITADEL is an open source identity management platform. From version 4 ...)
+	TODO: check
+CVE-2026-29192 (ZITADEL is an open source identity management platform. From version 4 ...)
+	TODO: check
+CVE-2026-29191 (ZITADEL is an open source identity management platform. From version 4 ...)
+	TODO: check
+CVE-2026-29190 (Karapace is an open-source implementation of Kafka REST and Schema Reg ...)
+	TODO: check
+CVE-2026-29186 (Backstage is an open framework for building developer portals. Prior t ...)
+	TODO: check
+CVE-2026-29185 (Backstage is an open framework for building developer portals. Prior t ...)
+	TODO: check
+CVE-2026-29184 (Backstage is an open framework for building developer portals. Prior t ...)
+	TODO: check
+CVE-2026-29076 (cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTT ...)
+	TODO: check
+CVE-2026-29067 (ZITADEL is an open source identity management platform. From version 4 ...)
+	TODO: check
+CVE-2026-28678 (DSA Study Hub is an interactive educational web application. Prior to  ...)
+	TODO: check
+CVE-2026-24308 (Improper handling of configuration values in ZKConfig in Apache ZooKee ...)
+	TODO: check
+CVE-2026-24281 (Hostname verification in Apache ZooKeeper ZKTrustManager falls back to ...)
+	TODO: check
 CVE-2026-3352 (The Easy PHP Settings plugin for WordPress is vulnerable to PHP Code I ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-3233
@@ -1608,7 +1706,7 @@ CVE-2025-46108 (D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the f
 	NOT-FOR-US: D-Link
 CVE-2025-41257 (Suprema\u2019s BioStar 2 in version 2.9.11.6 allows users to set new p ...)
 	NOT-FOR-US: Suprema BioStar
-CVE-2026-2219 [dpkg-deb: Persistent hang on malformed .deb archives (DoS)]
+CVE-2026-2219 (It was discovered that dpkg-deb (a component of dpkg, the Debian packa ...)
 	- dpkg 1.23.6 (bug #1129722)
 	[trixie] - dpkg <no-dsa> (Minor issue; can be fixed in point release)
 	[bookworm] - dpkg <no-dsa> (Minor issue; can be fixed in point release)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b098721fed0c22d80f0afbe2b0d215767d500fd4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b098721fed0c22d80f0afbe2b0d215767d500fd4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260307/00c530d1/attachment.htm>

More information about the debian-security-tracker-commits mailing list