[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 25 08:15:19 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a7d9ccfe by security tracker role at 2026-03-25T08:13:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,247 @@
-CVE-2026-4371
+CVE-2026-4784 (A vulnerability was found in code-projects Simple Laundry System 1.0. ...)
+ TODO: check
+CVE-2026-4783 (A vulnerability has been found in itsourcecode College Management Syst ...)
+ TODO: check
+CVE-2026-4781 (A flaw has been found in SourceCodester Sales and Inventory System 1.0 ...)
+ TODO: check
+CVE-2026-4780 (A vulnerability was detected in SourceCodester Sales and Inventory Sys ...)
+ TODO: check
+CVE-2026-4779 (A security vulnerability has been detected in SourceCodester Sales and ...)
+ TODO: check
+CVE-2026-4778 (A weakness has been identified in SourceCodester Sales and Inventory S ...)
+ TODO: check
+CVE-2026-4777 (A security flaw has been discovered in SourceCodester Sales and Invent ...)
+ TODO: check
+CVE-2026-4766 (The Easy Image Gallery plugin for WordPress is vulnerable to Stored Cr ...)
+ TODO: check
+CVE-2026-4433 (An SSH misconfigurations exists in Tenable OT that led to the potentia ...)
+ TODO: check
+CVE-2026-3912 (Injection vulnerabilities due to validation/sanitisation of user-suppl ...)
+ TODO: check
+CVE-2026-33253 (SANUPS SOFTWARE provided by SANYO DENKI CO., LTD. registers Windows se ...)
+ TODO: check
+CVE-2026-33215 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-32326 (SHARP routers do not perform authentication for some web APIs. The dev ...)
+ TODO: check
+CVE-2026-2343 (The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bul ...)
+ TODO: check
+CVE-2026-2072 (Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics ...)
+ TODO: check
+CVE-2026-28895 (The issue was addressed with improved checks. This issue is fixed in i ...)
+ TODO: check
+CVE-2026-28894 (A denial-of-service issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2026-28893 (A privacy issue was addressed with improved handling of temporary file ...)
+ TODO: check
+CVE-2026-28892 (A permissions issue was addressed by removing the vulnerable code. Thi ...)
+ TODO: check
+CVE-2026-28891 (A race condition was addressed with additional validation. This issue ...)
+ TODO: check
+CVE-2026-28890 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2026-28889 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-28888 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
+CVE-2026-28886 (A null pointer dereference was addressed with improved input validatio ...)
+ TODO: check
+CVE-2026-28882 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2026-28881 (A privacy issue was addressed by moving sensitive data. This issue is ...)
+ TODO: check
+CVE-2026-28880 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-28879 (A use-after-free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2026-28878 (A privacy issue was addressed by removing sensitive data. This issue i ...)
+ TODO: check
+CVE-2026-28877 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-28876 (A parsing issue in the handling of directory paths was addressed with ...)
+ TODO: check
+CVE-2026-28875 (A buffer overflow was addressed with improved bounds checking. This is ...)
+ TODO: check
+CVE-2026-28874 (The issue was addressed with improved checks. This issue is fixed in i ...)
+ TODO: check
+CVE-2026-28871 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2026-28870 (An information leakage was addressed with additional validation. This ...)
+ TODO: check
+CVE-2026-28868 (A logging issue was addressed with improved data redaction. This issue ...)
+ TODO: check
+CVE-2026-28867 (This issue was addressed with improved authentication. This issue is f ...)
+ TODO: check
+CVE-2026-28866 (This issue was addressed with improved validation of symlinks. This is ...)
+ TODO: check
+CVE-2026-28865 (An authentication issue was addressed with improved state management. ...)
+ TODO: check
+CVE-2026-28864 (This issue was addressed with improved permissions checking. This issu ...)
+ TODO: check
+CVE-2026-28863 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-28862 (A privacy issue was addressed with improved private data redaction for ...)
+ TODO: check
+CVE-2026-28861 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2026-28859 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-28858 (A buffer overflow was addressed with improved bounds checking. This is ...)
+ TODO: check
+CVE-2026-28857 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-28856 (The issue was addressed with improved authentication. This issue is fi ...)
+ TODO: check
+CVE-2026-28855 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-28852 (A stack overflow was addressed with improved input validation. This is ...)
+ TODO: check
+CVE-2026-28845 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-28844 (A file access issue was addressed with improved input validation. This ...)
+ TODO: check
+CVE-2026-28842 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2026-28841 (A buffer overflow was addressed with improved size validation. This is ...)
+ TODO: check
+CVE-2026-28839 (The issue was addressed with improved checks. This issue is fixed in m ...)
+ TODO: check
+CVE-2026-28838 (A permissions issue was addressed with additional sandbox restrictions ...)
+ TODO: check
+CVE-2026-28837 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2026-28835 (A use-after-free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2026-28834 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
+CVE-2026-28833 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-28832 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2026-28831 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-28829 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-28828 (A permissions issue was addressed by removing the vulnerable code. Thi ...)
+ TODO: check
+CVE-2026-28827 (A parsing issue in the handling of directory paths was addressed with ...)
+ TODO: check
+CVE-2026-28826 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
+CVE-2026-28825 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2026-28824 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-28823 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2026-28822 (A type confusion issue was addressed with improved memory handling. Th ...)
+ TODO: check
+CVE-2026-28821 (A validation issue existed in the entitlement verification. This issue ...)
+ TODO: check
+CVE-2026-28820 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2026-28818 (A logging issue was addressed with improved data redaction. This issue ...)
+ TODO: check
+CVE-2026-28817 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
+CVE-2026-28816 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2026-26306 (The installer for OM Workspace (Windows Edition) Ver 2.4 and earlier i ...)
+ TODO: check
+CVE-2026-24159 (NVIDIA NeMo Framework contains a vulnerability where an attacker may c ...)
+ TODO: check
+CVE-2026-24158 (NVIDIA Triton Inference Server contains a vulnerability in the HTTP en ...)
+ TODO: check
+CVE-2026-24157 (NVIDIA NeMo Framework contains a vulnerability in checkpoint loading w ...)
+ TODO: check
+CVE-2026-24152 (NVIDIA Megatron-LM contains a vulnerability in checkpoint loading wher ...)
+ TODO: check
+CVE-2026-24151 (NVIDIA Megatron-LM contains a vulnerability in inferencing where an At ...)
+ TODO: check
+CVE-2026-24150 (NVIDIA Megatron-LM contains a vulnerability in checkpoint loading wher ...)
+ TODO: check
+CVE-2026-24141 (NVIDIA Model Optimizer for Windows and Linux contains a vulnerability ...)
+ TODO: check
+CVE-2026-21790 (HCL Traveler is susceptible to a weak default HTTP header validation v ...)
+ TODO: check
+CVE-2026-20701 (An access issue was addressed with additional sandbox restrictions. Th ...)
+ TODO: check
+CVE-2026-20699 (A downgrade issue affecting Intel-based Mac computers was addressed wi ...)
+ TODO: check
+CVE-2026-20698 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20697 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-20695 (An information disclosure issue was addressed with improved memory man ...)
+ TODO: check
+CVE-2026-20694 (This issue was addressed with improved handling of symlinks. This issu ...)
+ TODO: check
+CVE-2026-20693 (This issue was addressed through improved state management. This issue ...)
+ TODO: check
+CVE-2026-20692 (A privacy issue was addressed with improved handling of user preferenc ...)
+ TODO: check
+CVE-2026-20691 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-20690 (An out-of-bounds access issue was addressed with improved bounds check ...)
+ TODO: check
+CVE-2026-20688 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2026-20687 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2026-20686 (This issue was addressed with improved input validation. This issue is ...)
+ TODO: check
+CVE-2026-20684 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-20670 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2026-20668 (A logging issue was addressed with improved data redaction. This issue ...)
+ TODO: check
+CVE-2026-20665 (This issue was addressed through improved state management. This issue ...)
+ TODO: check
+CVE-2026-20664 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20657 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2026-20651 (A privacy issue was addressed with improved handling of temporary file ...)
+ TODO: check
+CVE-2026-20639 (An integer overflow was addressed with improved input validation. This ...)
+ TODO: check
+CVE-2026-20637 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2026-20633 (This issue was addressed with improved handling of symlinks. This issu ...)
+ TODO: check
+CVE-2026-20632 (A parsing issue in the handling of directory paths was addressed with ...)
+ TODO: check
+CVE-2026-20631 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2026-20622 (A privacy issue was addressed with improved handling of temporary file ...)
+ TODO: check
+CVE-2026-20607 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2026-1166 (Open Redirect vulnerability in Hitachi Ops Center Administrator.This i ...)
+ TODO: check
+CVE-2025-43534 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2025-33254 (NVIDIA Triton Inference Server contains a vulnerability where an attac ...)
+ TODO: check
+CVE-2025-33248 (NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion s ...)
+ TODO: check
+CVE-2025-33247 (NVIDIA Megatron LM contains a vulnerability in quantization configurat ...)
+ TODO: check
+CVE-2025-33244 (NVIDIA APEX for Linux contains a vulnerability where an unauthorized a ...)
+ TODO: check
+CVE-2025-33242 (NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could all ...)
+ TODO: check
+CVE-2025-33238 (NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulner ...)
+ TODO: check
+CVE-2025-33216 (NVIDIA SNAP-4 Container contains a vulnerability in the configuration ...)
+ TODO: check
+CVE-2025-33215 (NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK com ...)
+ TODO: check
+CVE-2026-4371 (A malicious mail server could send malformed strings with negative len ...)
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-24/#CVE-2026-4371
-CVE-2026-3889
+CVE-2026-3889 (Spoofing issue in Thunderbird. This vulnerability affects Thunderbird ...)
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-24/#CVE-2026-3889
CVE-2026-3836
@@ -843,27 +1083,35 @@ CVE-2025-60946 (Census CSWeb 8.0.1 allows arbitrary file path input. A remote, a
CVE-2025-41660 (A low-privileged remote attacker may be able to replace the boot appli ...)
NOT-FOR-US: CODESYS
CVE-2026-4680 (Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allow ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4679 (Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 all ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4678 (Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allo ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4677 (Inappropriate implementation in WebAudio in Google Chrome prior to 146 ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4676 (Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowe ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4675 (Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4674 (Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 all ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4673 (Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680. ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4647 (A flaw was found in the GNU Binutils BFD library, a widely used compon ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9ccfec43f60877a56b6b6a56cd3025a7531bb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9ccfec43f60877a56b6b6a56cd3025a7531bb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260325/375d9f54/attachment.htm>
More information about the debian-security-tracker-commits
mailing list