[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26740/giflib
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 19 06:07:28 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b8e1b22f by Salvatore Bonaccorso at 2026-03-19T07:06:53+01:00
Add CVE-2026-26740/giflib
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -129,7 +129,9 @@ CVE-2026-26948 (Dell Integrated Dell Remote Access Controller 9, 14G versions pr
CVE-2026-26945 (Dell Integrated Dell Remote Access Controller 9, 14G versions prior to ...)
NOT-FOR-US: Dell / EMC
CVE-2026-26740 (Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attack ...)
- TODO: check
+ - giflib <unfixed>
+ NOTE: https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md
+ TODO: check report upstream
CVE-2026-25449 (Deserialization of Untrusted Data vulnerability in Shinetheme Traveler ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-24063 (When a plugin is installed using the Arturia Software Center (MacOS), ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8e1b22fb9d0831a5f9d32d4c595810422770cd5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8e1b22fb9d0831a5f9d32d4c595810422770cd5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260319/6ffaba53/attachment.htm>
More information about the debian-security-tracker-commits
mailing list