[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 25 20:13:22 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f57ed062 by security tracker role at 2026-03-25T20:13:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,16 +1,710 @@
-CVE-2026-1519 [Excessive NSEC3 iterations cause high CPU load during insecure delegation validation]
+CVE-2026-4816 (A Reflected Cross Site Scripting (XSS) vulnerability has been found in ...)
+ TODO: check
+CVE-2026-4815 (A SQL Injection vulnerability has been found in Support Board v3.7.7. ...)
+ TODO: check
+CVE-2026-4761 (When a certificate and its private key are installed in the Windows ma ...)
+ TODO: check
+CVE-2026-4760 (From Panorama Web HMI, an attacker can gain read access to certain Web ...)
+ TODO: check
+CVE-2026-4363 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2026-3988 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-3857 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-3218 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
+ TODO: check
+CVE-2026-3217 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
+ TODO: check
+CVE-2026-3216 (Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal Canv ...)
+ TODO: check
+CVE-2026-3215 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
+ TODO: check
+CVE-2026-3214 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-3213 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
+ TODO: check
+CVE-2026-3212 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
+ TODO: check
+CVE-2026-3211 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal Theme Negoti ...)
+ TODO: check
+CVE-2026-3210 (Incorrect Authorization vulnerability in Drupal Material Icons allows ...)
+ TODO: check
+CVE-2026-3126
+ REJECTED
+CVE-2026-34085 (fontconfig before 2.17.1 has an off-by-one error in allocation during ...)
+ TODO: check
+CVE-2026-33809 (A maliciously crafted TIFF file can cause image decoding to attempt to ...)
+ TODO: check
+CVE-2026-33751 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33749 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33724 (n8n is an open source workflow automation platform. Prior to version 2 ...)
+ TODO: check
+CVE-2026-33722 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33720 (n8n is an open source workflow automation platform. Prior to version 2 ...)
+ TODO: check
+CVE-2026-33713 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33696 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33665 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33663 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33660 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-33268 (Nanoleaf Lines 12.3.2 does not authenticate firmware file uploads. A r ...)
+ TODO: check
+CVE-2026-33247 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-33246 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-33219 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-33218 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-33217 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-33216 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-32573 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2026-32567 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-32562 (Missing Authorization vulnerability in WP Folio Team PPWP password-pro ...)
+ TODO: check
+CVE-2026-32546 (Missing Authorization vulnerability in StellarWP Restrict Content rest ...)
+ TODO: check
+CVE-2026-32545 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32544 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32542 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32541 (Missing Authorization vulnerability in Premmerce Premmerce Redirect Ma ...)
+ TODO: check
+CVE-2026-32540 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32539 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-32538 (Insertion of Sensitive Information Into Sent Data vulnerability in Noo ...)
+ TODO: check
+CVE-2026-32537 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-32536 (Unrestricted Upload of File with Dangerous Type vulnerability in halfd ...)
+ TODO: check
+CVE-2026-32535 (Authorization Bypass Through User-Controlled Key vulnerability in Joom ...)
+ TODO: check
+CVE-2026-32534 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-32533 (Authorization Bypass Through User-Controlled Key vulnerability in Late ...)
+ TODO: check
+CVE-2026-32532 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32531 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-32530 (Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS ...)
+ TODO: check
+CVE-2026-32529 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32528 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32527 (Missing Authorization vulnerability in CRM Perks WP Insightly for Cont ...)
+ TODO: check
+CVE-2026-32526 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32525 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2026-32524 (Unrestricted Upload of File with Dangerous Type vulnerability in Jordy ...)
+ TODO: check
+CVE-2026-32523 (Unrestricted Upload of File with Dangerous Type vulnerability in denis ...)
+ TODO: check
+CVE-2026-32522 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-32521 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32520 (Incorrect Privilege Assignment vulnerability in Andrew Munro / Affilia ...)
+ TODO: check
+CVE-2026-32519 (Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit- ...)
+ TODO: check
+CVE-2026-32518 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32517 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32516 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-32515 (Missing Authorization vulnerability in kamleshyadav Miraculous miracul ...)
+ TODO: check
+CVE-2026-32514 (Missing Authorization vulnerability in Anton Voytenko Petitioner petit ...)
+ TODO: check
+CVE-2026-32513 (Deserialization of Untrusted Data vulnerability in Miguel Useche JS Ar ...)
+ TODO: check
+CVE-2026-32512 (Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicul ...)
+ TODO: check
+CVE-2026-32511 (Deserialization of Untrusted Data vulnerability in Mikado-Themes St\xe ...)
+ TODO: check
+CVE-2026-32510 (Deserialization of Untrusted Data vulnerability in Edge-Themes Kampere ...)
+ TODO: check
+CVE-2026-32509 (Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey ...)
+ TODO: check
+CVE-2026-32508 (Deserialization of Untrusted Data vulnerability in Mikado-Themes Halst ...)
+ TODO: check
+CVE-2026-32507 (Deserialization of Untrusted Data vulnerability in Elated-Themes Lerou ...)
+ TODO: check
+CVE-2026-32506 (Deserialization of Untrusted Data vulnerability in Edge-Themes Archico ...)
+ TODO: check
+CVE-2026-32505 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-32504 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-32503 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-32502 (Deserialization of Untrusted Data vulnerability in Select-Themes Borgh ...)
+ TODO: check
+CVE-2026-32501 (Missing Authorization vulnerability in wp-configurator WP Configurator ...)
+ TODO: check
+CVE-2026-32500 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-32499 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-32498 (Missing Authorization vulnerability in Metagauss RegistrationMagic cus ...)
+ TODO: check
+CVE-2026-32497 (Weak Authentication vulnerability in PickPlugins User Verification use ...)
+ TODO: check
+CVE-2026-32496 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-32495 (Missing Authorization vulnerability in Link Software LLC WP Terms Popu ...)
+ TODO: check
+CVE-2026-32494 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32493 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32492 (Authentication Bypass by Spoofing vulnerability in Joe Dolson My Ticke ...)
+ TODO: check
+CVE-2026-32491 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32490 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-32489 (Missing Authorization vulnerability in bPlugins B Blocks b-blocks allo ...)
+ TODO: check
+CVE-2026-32488 (Incorrect Privilege Assignment vulnerability in wpeverest User Registr ...)
+ TODO: check
+CVE-2026-32485 (Missing Authorization vulnerability in weDevs WP User Frontend wp-user ...)
+ TODO: check
+CVE-2026-32484 (Deserialization of Untrusted Data vulnerability in BoldGrid weForms we ...)
+ TODO: check
+CVE-2026-32483 (Missing Authorization vulnerability in codepeople Contact Form Email c ...)
+ TODO: check
+CVE-2026-32482 (Unrestricted Upload of File with Dangerous Type vulnerability in deoth ...)
+ TODO: check
+CVE-2026-32441 (Missing Authorization vulnerability in WebToffee Comments Import & Exp ...)
+ TODO: check
+CVE-2026-31921 (Missing Authorization vulnerability in Devteam HaywoodTech Product Rea ...)
+ TODO: check
+CVE-2026-31920 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-31914 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-31913 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-30587 (Multiple Stored XSS vulnerabilities exist in Seafile Server version 13 ...)
+ TODO: check
+CVE-2026-2995 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2026-2973 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-2745 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-2726 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-2414 (Authorization bypass through User-Controlled key vulnerability in HYPR ...)
+ TODO: check
+CVE-2026-2349 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
+ TODO: check
+CVE-2026-2348 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
+ TODO: check
+CVE-2026-29785 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-29092 (Kiteworks is a private data network (PDN). Prior to version 9.2.1, a v ...)
+ TODO: check
+CVE-2026-28529 (cryptodev-linux version 1.14 and prior contain a page reference handli ...)
+ TODO: check
+CVE-2026-27889 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
+ TODO: check
+CVE-2026-27659 (Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 1 ...)
+ TODO: check
+CVE-2026-27656 (Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2 ...)
+ TODO: check
+CVE-2026-27602 (Modoboa is a mail hosting and management platform. Prior to version 2. ...)
+ TODO: check
+CVE-2026-27496 (n8n is an open source workflow automation platform. Prior to versions ...)
+ TODO: check
+CVE-2026-27095 (Deserialization of Untrusted Data vulnerability in magepeopleteam Bus ...)
+ TODO: check
+CVE-2026-27088 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-27087 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-27084 (Deserialization of Untrusted Data vulnerability in ThemeREX Buisson bu ...)
+ TODO: check
+CVE-2026-27083 (Deserialization of Untrusted Data vulnerability in ThemeREX Work & Tra ...)
+ TODO: check
+CVE-2026-27082 (Deserialization of Untrusted Data vulnerability in ThemeREX Love Story ...)
+ TODO: check
+CVE-2026-27081 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27080 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27079 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27078 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27077 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27076 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27075 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27073 (Use of Hard-coded Credentials vulnerability in Addi Addi – Cuota ...)
+ TODO: check
+CVE-2026-27071 (Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows ...)
+ TODO: check
+CVE-2026-27054 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-27051 (Incorrect Privilege Assignment vulnerability in uxper Golo golo allows ...)
+ TODO: check
+CVE-2026-27049 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-27048 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27047 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-27046 (Missing Authorization vulnerability in Kaira StoreCustomizer woocustom ...)
+ TODO: check
+CVE-2026-27045 (Deserialization of Untrusted Data vulnerability in sbthemes WooCommerc ...)
+ TODO: check
+CVE-2026-27044 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2026-27040 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-27039 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-26833 (thumbler through 1.1.2 allows OS command injection via the input, outp ...)
+ TODO: check
+CVE-2026-26832 (node-tesseract-ocr is an npm package that provides a Node.js wrapper f ...)
+ TODO: check
+CVE-2026-26831 (textract through 2.5.0 is vulnerable to OS Command Injection via the f ...)
+ TODO: check
+CVE-2026-26830 (pdf-image (npm package) through version 2.0.0 allows OS command inject ...)
+ TODO: check
+CVE-2026-26233 (Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2 ...)
+ TODO: check
+CVE-2026-25645 (Requests is a HTTP library. Prior to version 2.33.0, the function `req ...)
+ TODO: check
+CVE-2026-25469 (Missing Authorization vulnerability in ViaBill for WooCommerce ViaBill ...)
+ TODO: check
+CVE-2026-25465 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25464 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25462 (Missing Authorization vulnerability in avalex avalex avalex allows Exp ...)
+ TODO: check
+CVE-2026-25461 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25460 (Missing Authorization vulnerability in LiquidThemes Ave Core ave-core ...)
+ TODO: check
+CVE-2026-25458 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25457 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25456 (Missing Authorization vulnerability in Aarsiv Groups Automated FedEx l ...)
+ TODO: check
+CVE-2026-25455 (Missing Authorization vulnerability in PickPlugins Product Slider for ...)
+ TODO: check
+CVE-2026-25454 (Missing Authorization vulnerability in MVPThemes The League the-league ...)
+ TODO: check
+CVE-2026-25452 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25447 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2026-25437 (Missing Authorization vulnerability in \u0633\u06cc\u062f \u0645\u062d ...)
+ TODO: check
+CVE-2026-25435 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25430 (Missing Authorization vulnerability in CRM Perks Integration for Mailc ...)
+ TODO: check
+CVE-2026-25429 (Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks ...)
+ TODO: check
+CVE-2026-25417 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25414 (Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit ...)
+ TODO: check
+CVE-2026-25413 (Unrestricted Upload of File with Dangerous Type vulnerability in iqoni ...)
+ TODO: check
+CVE-2026-25406 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-25401 (Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trac ...)
+ TODO: check
+CVE-2026-25400 (Deserialization of Untrusted Data vulnerability in thememount Apicona ...)
+ TODO: check
+CVE-2026-25398 (Missing Authorization vulnerability in Webilia Inc. Vertex Addons for ...)
+ TODO: check
+CVE-2026-25397 (Path Traversal: '.../...//' vulnerability in Snowray Software File Upl ...)
+ TODO: check
+CVE-2026-25396 (Missing Authorization vulnerability in CoderPress Commerce Coinbase Fo ...)
+ TODO: check
+CVE-2026-25390 (Missing Authorization vulnerability in Saad Iqbal New User Approve new ...)
+ TODO: check
+CVE-2026-25383 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25382 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25381 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25380 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25379 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25377 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-25376 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25373 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25371 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-25366 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2026-25365 (Missing Authorization vulnerability in \xd6zg\xfcr KARALAR Kargo Takip ...)
+ TODO: check
+CVE-2026-25361 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25360 (Deserialization of Untrusted Data vulnerability in rascals Vex vex all ...)
+ TODO: check
+CVE-2026-25359 (Deserialization of Untrusted Data vulnerability in rascals Pendulum pe ...)
+ TODO: check
+CVE-2026-25358 (Deserialization of Untrusted Data vulnerability in rascals Meloo meloo ...)
+ TODO: check
+CVE-2026-25357 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-25356 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25355 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25354 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25353 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25352 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25351 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25350 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25347 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25346 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25345 (Improper Validation of Specified Quantity in Input vulnerability in Ga ...)
+ TODO: check
+CVE-2026-25344 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
+ TODO: check
+CVE-2026-25342 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25341 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25340 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-25339 (Insertion of Sensitive Information Into Sent Data vulnerability in Sye ...)
+ TODO: check
+CVE-2026-25334 (Incorrect Privilege Assignment vulnerability in wordpresschef Salon Bo ...)
+ TODO: check
+CVE-2026-25328 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-25327 (Missing Authorization vulnerability in Rustaurius Five Star Restaurant ...)
+ TODO: check
+CVE-2026-25317 (Missing Authorization vulnerability in tychesoftwares Print Invoice & ...)
+ TODO: check
+CVE-2026-25309 (Missing Authorization vulnerability in PublishPress PublishPress Autho ...)
+ TODO: check
+CVE-2026-25306 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25304 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25035 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-25034 (Missing Authorization vulnerability in Iqonic Design KiviCare kivicare ...)
+ TODO: check
+CVE-2026-25033 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25032 (Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ...)
+ TODO: check
+CVE-2026-25031 (Deserialization of Untrusted Data vulnerability in park_of_ideas Tasty ...)
+ TODO: check
+CVE-2026-25030 (Deserialization of Untrusted Data vulnerability in park_of_ideas Goldi ...)
+ TODO: check
+CVE-2026-25029 (Deserialization of Untrusted Data vulnerability in park_of_ideas KIDZ ...)
+ TODO: check
+CVE-2026-25026 (Missing Authorization vulnerability in RadiusTheme Team tlp-team allow ...)
+ TODO: check
+CVE-2026-25025 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25018 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25017 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-25013 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-25009 (Missing Authorization vulnerability in raratheme Education Zone educat ...)
+ TODO: check
+CVE-2026-25007 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-25002 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-25001 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
+ TODO: check
+CVE-2026-24993 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-24989 (Deserialization of Untrusted Data vulnerability in FantasticPlugins SU ...)
+ TODO: check
+CVE-2026-24987 (Missing Authorization vulnerability in activity-log.com WP System Log ...)
+ TODO: check
+CVE-2026-24983 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-24981 (Deserialization of Untrusted Data vulnerability in NooTheme Visionary ...)
+ TODO: check
+CVE-2026-24980 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-24979 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-24978 (Deserialization of Untrusted Data vulnerability in NooTheme Jobica Cor ...)
+ TODO: check
+CVE-2026-24977 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-24976 (Deserialization of Untrusted Data vulnerability in NooTheme Organici L ...)
+ TODO: check
+CVE-2026-24975 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-24974 (Deserialization of Untrusted Data vulnerability in NooTheme CitiLights ...)
+ TODO: check
+CVE-2026-24973 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-24972 (Missing Authorization vulnerability in Elated-Themes Elated Listing el ...)
+ TODO: check
+CVE-2026-24971 (Incorrect Privilege Assignment vulnerability in Elated-Themes Search & ...)
+ TODO: check
+CVE-2026-24970 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-24969 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-24968 (Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xa ...)
+ TODO: check
+CVE-2026-24964 (Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ...)
+ TODO: check
+CVE-2026-24750 (Kiteworks is a private data network (PDN). In Kiteworks Secure Data Fo ...)
+ TODO: check
+CVE-2026-24391 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-24382 (Missing Authorization vulnerability in wproyal News Magazine X news-ma ...)
+ TODO: check
+CVE-2026-24378 (Deserialization of Untrusted Data vulnerability in Metagauss EventPrim ...)
+ TODO: check
+CVE-2026-24376 (Missing Authorization vulnerability in Javier Casares WPVulnerability ...)
+ TODO: check
+CVE-2026-24373 (Incorrect Privilege Assignment vulnerability in Metagauss Registration ...)
+ TODO: check
+CVE-2026-24372 (Authentication Bypass by Spoofing vulnerability in WP Swings Subscript ...)
+ TODO: check
+CVE-2026-24370 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-24369 (Missing Authorization vulnerability in Theme-one The Grid the-grid all ...)
+ TODO: check
+CVE-2026-24364 (Missing Authorization vulnerability in weDevs WP User Frontend wp-user ...)
+ TODO: check
+CVE-2026-24363 (Missing Authorization vulnerability in loopus WP Cost Estimation & Pay ...)
+ TODO: check
+CVE-2026-24362 (Missing Authorization vulnerability in bdthemes Ultimate Post Kit ulti ...)
+ TODO: check
+CVE-2026-24359 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-23979 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-23977 (Missing Authorization vulnerability in WPFactory Helpdesk Support Tick ...)
+ TODO: check
+CVE-2026-23973 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-23972 (Missing Authorization vulnerability in magepeopleteam Booking and Rent ...)
+ TODO: check
+CVE-2026-23971 (Deserialization of Untrusted Data vulnerability in xtemos WoodMart woo ...)
+ TODO: check
+CVE-2026-23807 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-23806 (Missing Authorization vulnerability in BlueGlass Interactive AG Jobs f ...)
+ TODO: check
+CVE-2026-23636 (Kiteworks is a private data network (PDN). In Kiteworks Secure Data Fo ...)
+ TODO: check
+CVE-2026-23635 (Kiteworks is a private data network (PDN). In Kiteworks Secure Data Fo ...)
+ TODO: check
+CVE-2026-23514 (Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of ...)
+ TODO: check
+CVE-2026-22524 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-22523 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-22520 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-22516 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22515 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22514 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22513 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22512 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22511 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22510 (Deserialization of Untrusted Data vulnerability in AncoraThemes Melody ...)
+ TODO: check
+CVE-2026-22509 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22508 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22507 (Deserialization of Untrusted Data vulnerability in AncoraThemes Beelov ...)
+ TODO: check
+CVE-2026-22506 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22505 (Deserialization of Untrusted Data vulnerability in AncoraThemes Mornin ...)
+ TODO: check
+CVE-2026-22504 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22503 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22502 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22500 (Deserialization of Untrusted Data vulnerability in axiomthemes m2 | Co ...)
+ TODO: check
+CVE-2026-22499 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22498 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22496 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22495 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22494 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22493 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-22491 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-22485 (Missing Authorization vulnerability in Ruhul Amin My Album Gallery my- ...)
+ TODO: check
+CVE-2026-22484 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-22480 (Deserialization of Untrusted Data vulnerability in WebToffee Product F ...)
+ TODO: check
+CVE-2026-22448 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-20719 (Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2 ...)
+ TODO: check
+CVE-2026-20125 (A vulnerability in the HTTP Server feature of Cisco IOS Software and C ...)
+ TODO: check
+CVE-2026-20115 (A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow ...)
+ TODO: check
+CVE-2026-20114 (A vulnerability in the Lobby Ambassador web-based management API of Ci ...)
+ TODO: check
+CVE-2026-20113 (A vulnerability in the web-based Cisco IOx application hosting environ ...)
+ TODO: check
+CVE-2026-20112 (A vulnerability in the web-based Cisco IOx application hosting environ ...)
+ TODO: check
+CVE-2026-20110 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
+ TODO: check
+CVE-2026-20108 (A vulnerability in the web-based management interface of Cisco Catalys ...)
+ TODO: check
+CVE-2026-20104 (A vulnerability in the bootloader of Cisco IOS XE Software for Cisco C ...)
+ TODO: check
+CVE-2026-20086 (A vulnerability in the processing of Control and Provisioning of Wirel ...)
+ TODO: check
+CVE-2026-20084 (A vulnerability in the DHCP snooping feature of Cisco IOS XE Software ...)
+ TODO: check
+CVE-2026-20083 (A vulnerability in the Secure Copy Protocol (SCP) server feature of Ci ...)
+ TODO: check
+CVE-2026-20012 (A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature ...)
+ TODO: check
+CVE-2026-20004 (A vulnerability in the TLS library of Cisco IOS XE Software could allo ...)
+ TODO: check
+CVE-2026-1917 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-1724 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2026-1712 (Incorrect privilege assignment vulnerability in HYPR Server allows Pri ...)
+ TODO: check
+CVE-2026-1001 (Domoticz versions prior to 2026.1 contain a stored cross-site scriptin ...)
+ TODO: check
+CVE-2025-70952 (pf4j before 20c2f80 has a path traversal vulnerability in the extract( ...)
+ TODO: check
+CVE-2025-70888 (An issue in mtrojnar Osslsigncode affected at v2.10 and before allows ...)
+ TODO: check
+CVE-2025-70887 (An issue in ralphje Signify before v.0.9.2 allows a remote attacker to ...)
+ TODO: check
+CVE-2025-69358 (Missing Authorization vulnerability in Metagauss EventPrime eventprime ...)
+ TODO: check
+CVE-2025-69347 (Authorization Bypass Through User-Controlled Key vulnerability in Conv ...)
+ TODO: check
+CVE-2025-69096 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-67030 (Directory Traversal vulnerability in the extractFile method of org.cod ...)
+ TODO: check
+CVE-2025-59707 (In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote ...)
+ TODO: check
+CVE-2025-59706 (In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API ...)
+ TODO: check
+CVE-2025-40842 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3contains a Cross ...)
+ TODO: check
+CVE-2025-40841 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3contains a Cross ...)
+ TODO: check
+CVE-2025-32991 (In N2WS Backup & Recovery before 4.4.0, a two-step attack against the ...)
+ TODO: check
+CVE-2025-27260 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Imp ...)
+ TODO: check
+CVE-2025-14790 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allo ...)
+ TODO: check
+CVE-2025-14595 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2025-13436 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2025-13078 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2025-12708 (IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that c ...)
+ TODO: check
+CVE-2024-58341 (OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allo ...)
+ TODO: check
+CVE-2024-51348 (A stack-based buffer overflow vulnerability in the P2P API service in ...)
+ TODO: check
+CVE-2024-51347 (A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoo ...)
+ TODO: check
+CVE-2024-51346 (An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker t ...)
+ TODO: check
+CVE-2026-1519 (If a BIND resolver is performing DNSSEC validation and encounters a ma ...)
- bind9 <unfixed>
NOTE: https://kb.isc.org/docs/cve-2026-1519
-CVE-2026-3104 [Memory leak in code preparing DNSSEC proofs of non-existence]
+CVE-2026-3104 (A specially crafted domain can be used to cause a memory leak in a BIN ...)
- bind9 <unfixed>
NOTE: https://kb.isc.org/docs/cve-2026-3104
-CVE-2026-3119 [Authenticated query containing a TKEY record may cause named to terminate unexpectedly]
+CVE-2026-3119 (Under certain conditions, `named` may crash when processing a correctl ...)
- bind9 <unfixed>
NOTE: https://kb.isc.org/docs/cve-2026-3119
-CVE-2026-3591 [A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass]
+CVE-2026-3591 (A use-after-return vulnerability exists in the `named` server when han ...)
- bind9 <unfixed>
NOTE: https://kb.isc.org/docs/cve-2026-3591
-CVE-2026-3608
+CVE-2026-3608 (Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp- ...)
- isc-kea 3.0.3-1
NOTE: https://kb.isc.org/docs/cve-2026-3608
CVE-2026-33515
@@ -25,513 +719,513 @@ CVE-2026-33526
- squid <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2026/03/25/2
NOTE: Fixed by: https://github.com/squid-cache/squid/commit/8a7d42f9d44befb8fcbbb619505587c8de6a1e91 (SQUID_7_5)
-CVE-2026-23395 [Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ]
+CVE-2026-23395 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/5b3e2052334f2ff6d5200e952f4aa66994d09899 (7.0-rc5)
-CVE-2026-23394 [af_unix: Give up GC if MSG_PEEK intervened.]
+CVE-2026-23394 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e5b31d988a41549037b8d8721a3c3cae893d8670 (7.0-rc5)
-CVE-2026-23393 [bridge: cfm: Fix race condition in peer_mep deletion]
+CVE-2026-23393 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3715a00855316066cdda69d43648336367422127 (7.0-rc5)
-CVE-2026-23392 [netfilter: nf_tables: release flowtable after rcu grace period on error]
+CVE-2026-23392 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/d73f4b53aaaea4c95f245e491aa5eeb8a21874ce (7.0-rc5)
-CVE-2026-23391 [netfilter: xt_CT: drop pending enqueued packets on template removal]
+CVE-2026-23391 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/f62a218a946b19bb59abdd5361da85fa4606b96b (7.0-rc5)
-CVE-2026-23390 [tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow]
+CVE-2026-23390 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.18.13-1
[trixie] - linux 6.12.74-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/daafcc0ef0b358d9d622b6e3b7c43767aa3814ee (6.19)
-CVE-2026-23384 [RDMA/ionic: Fix kernel stack leak in ionic_create_cq()]
+CVE-2026-23384 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/faa72102b178c7ae6c6afea23879e7c84fc59b4e (7.0-rc2)
-CVE-2026-23376 [nvmet-fcloop: Check remoteport port_state before calling done callback]
+CVE-2026-23376 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dd677d0598387ea623820ab2bd0e029c377445a3 (7.0-rc3)
-CVE-2026-23366 [drm/client: Do not destroy NULL modes]
+CVE-2026-23366 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c601fd5414315fc515f746b499110e46272e7243 (7.0-rc2)
-CVE-2026-23358 [drm/amdgpu: Fix error handling in slot reset]
+CVE-2026-23358 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b57c4ec98c17789136a4db948aec6daadceb5024 (7.0-rc2)
-CVE-2026-23355 [ata: libata: cancel pending work after clearing deferred_qc]
+CVE-2026-23355 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aac9b27f7c1f2b2cf7f50a9ca633ecbbcaf22af9 (7.0-rc3)
-CVE-2026-23353 [ice: fix crash in ethtool offline loopback test]
+CVE-2026-23353 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a9c354e656597aededa027d63d2ff0973f6b033f (7.0-rc3)
-CVE-2026-23350 [drm/xe/queue: Call fini on exec queue creation fail]
+CVE-2026-23350 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/99f9b5343cae80eb0dfe050baf6c86d722b3ba2e (7.0-rc3)
-CVE-2026-23349 [HID: pidff: Fix condition effect bit clearing]
+CVE-2026-23349 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/97d5c8f5c09a604c4873c8348f58de3cea69a7df (7.0-rc3)
-CVE-2026-23345 [arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled]
+CVE-2026-23345 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8a85b3131225a8c8143ba2ae29c0eef8c1f9117f (7.0-rc2)
-CVE-2026-23344 [crypto: ccp - Fix use-after-free on error path]
+CVE-2026-23344 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/889b0e2721e793eb46cf7d17b965aa3252af3ec8 (7.0-rc3)
-CVE-2026-23342 [bpf: Fix race in cpumap on PREEMPT_RT]
+CVE-2026-23342 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/869c63d5975d55e97f6b168e885452b3da20ea47 (7.0-rc2)
-CVE-2026-23341 [accel/amdxdna: Fix crash when destroying a suspended hardware context]
+CVE-2026-23341 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8363c02863332992a1822688da41f881d88d1631 (7.0-rc2)
-CVE-2026-23338 [drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings]
+CVE-2026-23338 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7b7d7693a55d606d700beb9549c9f7f0e5d9c24f (7.0-rc2)
-CVE-2026-23337 [pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config()]
+CVE-2026-23337 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7a648d598cb8e8c62af3f0e020a25820a3f3a9a7 (7.0-rc3)
-CVE-2026-23332 [cpufreq: intel_pstate: Fix crash during turbo disable]
+CVE-2026-23332 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6b050482ec40569429d963ac52afa878691b04c9 (7.0-rc2)
-CVE-2026-23331 [udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected.]
+CVE-2026-23331 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6996a2d2d0a64808c19c98002aeb5d9d1b2df6a4 (7.0-rc3)
-CVE-2026-23329 [libie: don't unroll if fwlog isn't supported]
+CVE-2026-23329 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/636cc3bd12f499c74eaf5dc9a7d5b832f1bb24ed (7.0-rc3)
-CVE-2026-23326 [xsk: Fix fragment node deletion to prevent buffer leak]
+CVE-2026-23326 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/60abb0ac11dccd6b98fd9182bc5f85b621688861 (7.0-rc3)
-CVE-2026-23323 [hwmon: (macsmc) Fix regressions in Apple Silicon SMC hwmon driver]
+CVE-2026-23323 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5dd69b864911ae3847365e8bafe7854e79fbeecb (7.0-rc3)
-CVE-2026-23322 [ipmi: Fix use-after-free and list corruption on sender error]
+CVE-2026-23322 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/594c11d0e1d445f580898a2b8c850f2e3f099368 (7.0-rc2)
-CVE-2026-23314 [regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()]
+CVE-2026-23314 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4baaddaa44af01cd4ce239493060738fd0881835 (7.0-rc2)
-CVE-2026-23311 [perf/core: Fix invalid wait context in ctx_sched_in()]
+CVE-2026-23311 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/486ff5ad49bc50315bcaf6d45f04a33ef0a45ced (7.0-rc2)
-CVE-2026-23309 [tracing: Add NULL pointer check to trigger_data_free()]
+CVE-2026-23309 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/457965c13f0837a289c9164b842d0860133f6274 (7.0-rc3)
-CVE-2026-23305 [accel/rocket: fix unwinding in error path in rocket_probe]
+CVE-2026-23305 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/34f4495a7f72895776b81969639f527c99eb12b9 (7.0-rc1)
-CVE-2026-23301 [ASoC: SDCA: Add allocation failure check for Entity name]
+CVE-2026-23301 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/27990181031fdcdbe0f7c46011f6404e5d116386 (7.0-rc3)
-CVE-2026-23299 [Bluetooth: purge error queues in socket destructors]
+CVE-2026-23299 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/21e4271e65094172aadd5beb8caea95dd0fbf6d7 (7.0-rc2)
-CVE-2026-23295 [accel/amdxdna: Fix dead lock for suspend and resume]
+CVE-2026-23295 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1aa82181a3c285c7351523d587f7981ae4c015c8 (7.0-rc2)
-CVE-2026-23294 [bpf: Fix race in devmap on PREEMPT_RT]
+CVE-2026-23294 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1872e75375c40add4a35990de3be77b5741c252c (7.0-rc2)
-CVE-2026-23288 [accel/amdxdna: Fix out-of-bounds memset in command slot handling]
+CVE-2026-23288 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1110a949675ebd56b3f0286e664ea543f745801c (7.0-rc2)
-CVE-2026-23283 [regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read()]
+CVE-2026-23283 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0902010c8d163f7b62e655efda1a843529152c7c (7.0-rc2)
-CVE-2026-23282 [smb: client: fix oops due to uninitialised var in smb2_unlink()]
+CVE-2026-23282 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/048efe129a297256d3c2088cf8d79515ff5ec864 (7.0-rc3)
-CVE-2026-23280 [accel/amdxdna: Prevent ubuf size overflow]
+CVE-2026-23280 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/03808abb1d868aed7478a11a82e5bb4b3f1ca6d6 (7.0-rc2)
-CVE-2026-23389 [ice: Fix memory leak in ice_set_ringparam()]
+CVE-2026-23389 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/fe868b499d16f55bbeea89992edb98043c9de416 (7.0-rc3)
-CVE-2026-23388 [Squashfs: check metadata block offset is within range]
+CVE-2026-23388 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/fdb24a820a5832ec4532273282cbd4f22c291a0d (7.0-rc2)
-CVE-2026-23387 [pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()]
+CVE-2026-23387 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fd5bed798f45eb3a178ad527b43ab92705faaf8a (7.0-rc3)
-CVE-2026-23386 [gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL]
+CVE-2026-23386 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fb868db5f4bccd7a78219313ab2917429f715cea (7.0-rc2)
-CVE-2026-23385 [netfilter: nf_tables: clone set on flush only]
+CVE-2026-23385 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fb7fb4016300ac622c964069e286dc83166a5d52 (7.0-rc3)
-CVE-2026-23383 [bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing]
+CVE-2026-23383 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ef06fd16d48704eac868441d98d4ef083d8f3d07 (7.0-rc2)
-CVE-2026-23382 [HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them]
+CVE-2026-23382 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/ecfa6f34492c493a9a1dc2900f3edeb01c79946b (7.0-rc3)
-CVE-2026-23381 [net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled]
+CVE-2026-23381 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/e5e890630533bdc15b26a34bb8e7ef539bdf1322 (7.0-rc3)
-CVE-2026-23380 [tracing: Fix WARN_ON in tracing_buffers_mmap_close]
+CVE-2026-23380 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e39bb9e02b68942f8e9359d2a3efe7d37ae6be0e (7.0-rc3)
-CVE-2026-23379 [net/sched: ets: fix divide by zero in the offload path]
+CVE-2026-23379 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/e35626f610f3d2b7953ccddf6a77453da22b3a9e (7.0-rc3)
-CVE-2026-23378 [net/sched: act_ife: Fix metalist update behavior]
+CVE-2026-23378 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/e2cedd400c3ec0302ffca2490e8751772906ac23 (7.0-rc3)
-CVE-2026-23377 [ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz]
+CVE-2026-23377 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e142dc4ef0f451b7ef99d09aaa84e9389af629d7 (7.0-rc3)
-CVE-2026-23375 [mm: thp: deny THP for files on anonymous inodes]
+CVE-2026-23375 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dd085fe9a8ebfc5d10314c60452db38d2b75e609 (7.0-rc2)
-CVE-2026-23374 [blktrace: fix __this_cpu_read/write in preemptible context]
+CVE-2026-23374 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/da46b5dfef48658d03347cda21532bcdbb521e67 (7.0-rc3)
-CVE-2026-23373 [wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config]
+CVE-2026-23373 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d973b1039ccde6b241b438d53297edce4de45b5c (7.0-rc3)
-CVE-2026-23372 [nfc: rawsock: cancel tx_work before socket teardown]
+CVE-2026-23372 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/d793458c45df2aed498d7f74145eab7ee22d25aa (7.0-rc3)
-CVE-2026-23371 [sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting]
+CVE-2026-23371 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/d658686a1331db3bb108ca079d76deb3208ed949 (7.0-rc3)
-CVE-2026-23370 [platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data]
+CVE-2026-23370 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d1a196e0a6dcddd03748468a0e9e3100790fc85c (7.0-rc3)
-CVE-2026-23369 [i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock"]
+CVE-2026-23369 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cfc69c2e6c699c96949f7b0455195b0bfb7dc715 (7.0-rc3)
-CVE-2026-23368 [net: phy: register phy led_triggers during probe to avoid AB-BA deadlock]
+CVE-2026-23368 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/c8dbdc6e380e7e96a51706db3e4b7870d8a9402d (7.0-rc2)
-CVE-2026-23367 [wifi: radiotap: reject radiotap with unknown bits]
+CVE-2026-23367 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/c854758abe0b8d86f9c43dc060ff56a0ee5b31e0 (7.0-rc2)
-CVE-2026-23365 [net: usb: kalmia: validate USB endpoints]
+CVE-2026-23365 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/c58b6c29a4c9b8125e8ad3bca0637e00b71e2693 (7.0-rc2)
-CVE-2026-23364 [ksmbd: Compare MACs in constant time]
+CVE-2026-23364 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c5794709bc9105935dbedef8b9cf9c06f2b559fa (7.0-rc2)
-CVE-2026-23363 [wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211()]
+CVE-2026-23363 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c41a9abd6ae31d130e8f332e7c8800c4c866234b (7.0-rc3)
-CVE-2026-23362 [can: bcm: fix locking for bcm_op runtime updates]
+CVE-2026-23362 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/c35636e91e392e1540949bbc67932167cb48bc3a (7.0-rc3)
-CVE-2026-23361 [PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry]
+CVE-2026-23361 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/c22533c66ccae10511ad6a7afc34bb26c47577e3 (7.0-rc2)
-CVE-2026-23360 [nvme: fix admin queue leak on controller reset]
+CVE-2026-23360 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b84bb7bd913d8ca2f976ee6faf4a174f91c02b8d (7.0-rc3)
-CVE-2026-23359 [bpf: Fix stack-out-of-bounds write in devmap]
+CVE-2026-23359 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b7bf516c3ecd9a2aae2dc2635178ab87b734fef1 (7.0-rc2)
-CVE-2026-23357 [can: mcp251x: fix deadlock in error path of mcp251x_open]
+CVE-2026-23357 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/ab3f894de216f4a62adc3b57e9191888cbf26885 (7.0-rc3)
-CVE-2026-23356 [drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()]
+CVE-2026-23356 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/ab140365fb62c0bdab22b2f516aff563b2559e3b (7.0-rc2)
-CVE-2026-23354 [x86/fred: Correct speculative safety in fred_extint()]
+CVE-2026-23354 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aa280a08e7d8fae58557acc345b36b3dc329d595 (7.0-rc2)
-CVE-2026-23352 [x86/efi: defer freeing of boot services memory]
+CVE-2026-23352 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/a4b0bf6a40f3c107c67a24fbc614510ef5719980 (7.0-rc3)
-CVE-2026-23351 [netfilter: nft_set_pipapo: split gc into unlink and reclaim phase]
+CVE-2026-23351 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/9df95785d3d8302f7c066050117b04cd3c2048c2 (7.0-rc3)
-CVE-2026-23348 [cxl: Fix race of nvdimm_bus object when creating nvdimm objects]
+CVE-2026-23348 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/96a1fd0d84b17360840f344826897fa71049870e (7.0-rc2)
-CVE-2026-23347 [can: usb: f81604: correctly anchor the urb in the read bulk callback]
+CVE-2026-23347 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/952caa5da10bed22be09612433964f6877ba0dde (7.0-rc3)
-CVE-2026-23346 [arm64: io: Extract user memory type in ioremap_prot()]
+CVE-2026-23346 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8f098037139b294050053123ab2bc0f819d08932 (7.0-rc2)
-CVE-2026-23343 [xdp: produce a warning when calculated tailroom is negative]
+CVE-2026-23343 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8821e857759be9db3cde337ad328b71fe5c8a55f (7.0-rc3)
-CVE-2026-23340 [net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs]
+CVE-2026-23340 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/7f083faf59d14c04e01ec05a7507f036c965acf8 (7.0-rc3)
-CVE-2026-23339 [nfc: nci: free skb on nci_transceive early error paths]
+CVE-2026-23339 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/7bd4b0c4779f978a6528c9b7937d2ca18e936e2c (7.0-rc3)
-CVE-2026-23336 [wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()]
+CVE-2026-23336 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/767d23ade706d5fa51c36168e92a9c5533c351a1 (7.0-rc2)
-CVE-2026-23335 [RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()]
+CVE-2026-23335 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/74586c6da9ea222a61c98394f2fc0a604748438c (7.0-rc2)
-CVE-2026-23334 [can: usb: f81604: handle short interrupt urb messages properly]
+CVE-2026-23334 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7299b1b39a255f6092ce4ec0b65f66e9d6a357af (7.0-rc3)
-CVE-2026-23333 [netfilter: nft_set_rbtree: validate open interval overlap]
+CVE-2026-23333 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.6-1
NOTE: https://git.kernel.org/linus/
-CVE-2026-23330 [nfc: nci: complete pending data exchange on device close]
+CVE-2026-23330 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/66083581945bd5b8e99fe49b5aeb83d03f62d053 (7.0-rc3)
-CVE-2026-23328 [accel/amdxdna: Fix NULL pointer dereference of mgmt_chann]
+CVE-2026-23328 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6270ee26e1edd862ea17e3eba148ca8fb2c99dc9 (7.0-rc3)
-CVE-2026-23327 [cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()]
+CVE-2026-23327 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/60b5d1f68338aff2c5af0113f04aefa7169c50c2 (7.0-rc2)
-CVE-2026-23325 [wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()]
+CVE-2026-23325 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/60862846308627e9e15546bb647a00de44deb27b (7.0-rc3)
-CVE-2026-23324 [can: usb: etas_es58x: correctly anchor the urb in the read bulk callback]
+CVE-2026-23324 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5eaad4f768266f1f17e01232ffe2ef009f8129b7 (7.0-rc3)
-CVE-2026-23321 [mptcp: pm: in-kernel: always mark signal+subflow endp as used]
+CVE-2026-23321 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/579a752464a64cb5f9139102f0e6b90a1f595ceb (7.0-rc3)
-CVE-2026-23320 [usb: gadget: f_ncm: align net_device lifecycle with bind/unbind]
+CVE-2026-23320 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/56a512a9b4107079f68701e7d55da8507eb963d9 (7.0-rc1)
-CVE-2026-23319 [bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim]
+CVE-2026-23319 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/56145d237385ca0e7ca9ff7b226aaf2eb8ef368b (7.0-rc3)
-CVE-2026-23318 [ALSA: usb-audio: Use correct version for UAC3 header validation]
+CVE-2026-23318 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/54f9d645a5453d0bfece0c465d34aaf072ea99fa (7.0-rc2)
-CVE-2026-23317 [drm/vmwgfx: Return the correct value in vmw_translate_ptr functions]
+CVE-2026-23317 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5023ca80f9589295cb60735016e39fc5cc714243 (7.0-rc2)
-CVE-2026-23316 [net: ipv4: fix ARM64 alignment fault in multipath hash seed]
+CVE-2026-23316 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4ee7fa6cf78ff26d783d39e2949d14c4c1cd5e7f (7.0-rc3)
-CVE-2026-23315 [wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()]
+CVE-2026-23315 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/4e10a730d1b511ff49723371ed6d694dd1b2c785 (7.0-rc3)
-CVE-2026-23313 [i40e: Fix preempt count leak in napi poll tracepoint]
+CVE-2026-23313 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4b3d54a85bd37ebf2d9836f0d0de775c0ff21af9 (7.0-rc3)
-CVE-2026-23312 [net: usb: kaweth: validate USB endpoints]
+CVE-2026-23312 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/4b063c002ca759d1b299988ee23f564c9609c875 (7.0-rc2)
-CVE-2026-23310 [bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded]
+CVE-2026-23310 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/479d589b40b836442bbdadc3fdb37f001bb67f26 (7.0-rc3)
-CVE-2026-23308 [pinctrl: equilibrium: fix warning trace on load]
+CVE-2026-23308 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3e00b1b332e54ba50cca6691f628b9c06574024f (7.0-rc3)
-CVE-2026-23307 [can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message]
+CVE-2026-23307 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/38a01c9700b0dcafe97dfa9dc7531bf4a245deff (7.0-rc3)
-CVE-2026-23306 [scsi: pm8001: Fix use-after-free in pm8001_queue_command()]
+CVE-2026-23306 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/38353c26db28efd984f51d426eac2396d299cca7 (7.0-rc2)
-CVE-2026-23304 [ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()]
+CVE-2026-23304 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/2ffb4f5c2ccb2fa1c049dd11899aee7967deef5a (7.0-rc3)
-CVE-2026-23303 [smb: client: Don't log plaintext credentials in cifs_set_cifscreds]
+CVE-2026-23303 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/2f37dc436d4e61ff7ae0b0353cf91b8c10396e4d (7.0-rc2)
-CVE-2026-23302 [net: annotate data-races around sk->sk_{data_ready,write_space}]
+CVE-2026-23302 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/2ef2b20cf4e04ac8a6ba68493f8780776ff84300 (7.0-rc3)
-CVE-2026-23300 [net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop]
+CVE-2026-23300 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/21ec92774d1536f71bdc90b0e3d052eff99cf093 (7.0-rc3)
-CVE-2026-23298 [can: ucan: Fix infinite loop from zero-length messages]
+CVE-2026-23298 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/1e446fd0582ad8be9f6dafb115fc2e7245f9bea7 (7.0-rc3)
-CVE-2026-23297 [nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().]
+CVE-2026-23297 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1cb968a2013ffa8112d52ebe605009ea1c6a582c (7.0-rc3)
-CVE-2026-23296 [scsi: core: Fix refcount leak for tagset_refcnt]
+CVE-2026-23296 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/1ac22c8eae81366101597d48360718dff9b9d980 (7.0-rc3)
-CVE-2026-23293 [net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled]
+CVE-2026-23293 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/168ff39e4758897d2eee4756977d036d52884c7e (7.0-rc3)
-CVE-2026-23292 [scsi: target: Fix recursive locking in __configfs_open_file()]
+CVE-2026-23292 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/14d4ac19d1895397532eec407433c5d74d9da53b (7.0-rc3)
-CVE-2026-23291 [nfc: pn533: properly drop the usb interface reference on disconnect]
+CVE-2026-23291 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/12133a483dfa832241fbbf09321109a0ea8a520e (7.0-rc2)
-CVE-2026-23290 [net: usb: pegasus: validate USB endpoints]
+CVE-2026-23290 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/11de1d3ae5565ed22ef1f89d73d8f2d00322c699 (7.0-rc2)
-CVE-2026-23289 [IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()]
+CVE-2026-23289 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/117942ca43e2e3c3d121faae530989931b7f67e1 (7.0-rc2)
-CVE-2026-23287 [irqchip/sifive-plic: Fix frozen interrupt due to affinity setting]
+CVE-2026-23287 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/1072020685f4b81f6efad3b412cdae0bd62bb043 (7.0-rc2)
-CVE-2026-23286 [atm: lec: fix null-ptr-deref in lec_arp_clear_vccs]
+CVE-2026-23286 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/101bacb303e89dc2e0640ae6a5e0fb97c4eb45bb (7.0-rc3)
-CVE-2026-23285 [drbd: fix null-pointer dereference on local read error]
+CVE-2026-23285 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.8-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d195d3b205ca90db30d70d09d7bb6909aac178f (7.0-rc2)
-CVE-2026-23284 [net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()]
+CVE-2026-23284 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0abc73c8a40fd64ac1739c90bb4f42c418d27a5e (7.0-rc3)
-CVE-2026-23281 [wifi: libertas: fix use-after-free in lbs_free_adapter()]
+CVE-2026-23281 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/03cc8f90d0537fcd4985c3319b4fafbf2e3fb1f0 (7.0-rc2)
-CVE-2026-23279 [wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()]
+CVE-2026-23279 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.19.8-1
NOTE: https://git.kernel.org/linus/017c1792525064a723971f0216e6ef86a8c7af11 (7.0-rc2)
CVE-2026-4784 (A vulnerability was found in code-projects Simple Laundry System 1.0. ...)
@@ -809,7 +1503,7 @@ CVE-2026-21711
CVE-2026-21710
- nodejs 22.22.2+dfsg+~cs22.19.15-1
NOTE: https://nodejs.org/en/blog/vulnerability/march-2026-security-releases#denial-of-service-via-__proto__-header-name-in-reqheadersdistinct-uncaught-typeerror-crashes-nodejs-process-cve-2026-21710---high
-CVE-2026-31788
+CVE-2026-31788 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-482.html
NOTE: https://git.kernel.org/linus/453b8fb68f3641fea970db88b7d9a153ed2a37e8
@@ -1004,7 +1698,8 @@ CVE-2026-21783 (HCL Traveler is affected by sensitive information disclosure. Th
NOT-FOR-US: HCL
CVE-2026-1995 (IDrive\u2019s id_service.exe process runs with elevated privileges and ...)
NOT-FOR-US: IDrive
-CVE-2025-71275 (Zimbra Collaboration Suite (ZCS) PostJournal service version 8.8.15 co ...)
+CVE-2025-71275
+ REJECTED
NOT-FOR-US: Zimbra
CVE-2025-64998 (Exposure of session signing secret in Checkmk <2.4.0p23, <2.3.0p45 and ...)
TODO: check
@@ -2683,6 +3378,7 @@ CVE-2026-1093 (The WPFAQBlock\u2013 FAQ & Accordion Plugin For Gutenberg plugin
CVE-2026-0609 (The Logo Slider \u2013 Logo Carousel, Logo Showcase & Client Logo Slid ...)
NOT-FOR-US: WordPress plugin
CVE-2025-63261 (AWStats 8.0 is vulnerable to Command Injection via the open function)
+ {DLA-4509-1}
- awstats <unfixed> (bug #1131878)
NOTE: https://pentest-tools.com/PTT-2025-021-Code-Execution-in-AWStats.pdf
CVE-2025-55988 (An issue in the component /Controllers/RestController.php of DreamFact ...)
@@ -4285,7 +4981,7 @@ CVE-2026-4355 (A vulnerability was detected in Portabilis i-Educar 2.11. This im
NOT-FOR-US: Portabilis
CVE-2026-4354 (A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01 ...)
NOT-FOR-US: TRENDnet
-CVE-2026-4349 (A vulnerability was determined in Duende IdentityServer 4. The affecte ...)
+CVE-2026-4349 (A vulnerability was determined in Duende IdentityServer4 up to 4.1.2. ...)
NOT-FOR-US: Duende IdentityServer
CVE-2026-4268 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulne ...)
NOT-FOR-US: WordPress plugin
@@ -13474,7 +14170,7 @@ CVE-2026-2801 (Incorrect boundary conditions in the JavaScript: WebAssembly comp
- firefox 148.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2801
CVE-2026-2781 (Integer overflow in the Libraries component in NSS. This vulnerability ...)
- {DSA-6152-1 DSA-6149-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6149-1 DSA-6148-1 DLA-4508-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f57ed062e70b22d9f53ed9435ba885984fe8eb0f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f57ed062e70b22d9f53ed9435ba885984fe8eb0f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260325/b4504308/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list