[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun May 3 20:13:23 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b26a268a by security tracker role at 2026-05-03T19:13:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2026-7704 (A vulnerability has been found in AV Stumpfl Pixera Two Media Server u ...)
+ TODO: check
+CVE-2026-7703 (A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 ...)
+ TODO: check
+CVE-2026-7702 (A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This ...)
+ TODO: check
+CVE-2026-7701 (A security vulnerability has been detected in Telegram Desktop up to 6 ...)
+ TODO: check
+CVE-2026-7700 (A weakness has been identified in langflow-ai langflow up to 1.8.4. Th ...)
+ TODO: check
+CVE-2026-7699 (A security flaw has been discovered in Dromara MaxKey up to 3.5.13. Af ...)
+ TODO: check
+CVE-2026-7698 (A vulnerability was identified in Tiandy Easy7 Integrated Management P ...)
+ TODO: check
+CVE-2026-7697 (A vulnerability was determined in AMTT Hotel Broadband Operation Syste ...)
+ TODO: check
+CVE-2026-7696 (A vulnerability was found in Acrel Electrical EEMS Enterprise Power Op ...)
+ TODO: check
+CVE-2026-7695 (A vulnerability has been found in Acrel Electrical EEMS Enterprise Pow ...)
+ TODO: check
+CVE-2026-7694 (A flaw has been found in Acrel Electrical ECEMS Enterprise Microgrid E ...)
+ TODO: check
+CVE-2026-7692 (A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410_22111 ...)
+ TODO: check
+CVE-2026-7691 (A security vulnerability has been detected in Wavlink WL-WN570HA1 R70H ...)
+ TODO: check
+CVE-2026-7690 (A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410_221 ...)
+ TODO: check
+CVE-2026-7689 (A security flaw has been discovered in Dolibarr ERP CRM up to 23.0.2. ...)
+ TODO: check
+CVE-2026-7688 (A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This ...)
+ TODO: check
+CVE-2026-7687 (A vulnerability was determined in langflow-ai langflow up to 1.8.4. Af ...)
+ TODO: check
+CVE-2026-7686 (A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. ...)
+ TODO: check
+CVE-2026-7685 (A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected ...)
+ TODO: check
+CVE-2026-7684 (A security vulnerability has been detected in Edimax BR-6428nC up to 1 ...)
+ TODO: check
+CVE-2026-7683 (A weakness has been identified in Edimax BR-6428nC up to 1.16. This af ...)
+ TODO: check
CVE-2026-7682 (A security flaw has been discovered in Edimax BR-6208AC 1.02. The impa ...)
NOT-FOR-US: Edimax
CVE-2026-7681 (A security vulnerability has been detected in jsbroks COCO Annotator u ...)
@@ -6776,7 +6818,7 @@ CVE-2026-34284 (Vulnerability in the Oracle Business Process Management Suite pr
CVE-2026-34283 (Vulnerability in the Oracle Identity Manager product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-34282 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
- {DSA-6237-1 DSA-6231-1}
+ {DSA-6246-1 DSA-6237-1 DSA-6231-1}
- openjdk-11 11.0.31+11-1
- openjdk-17 17.0.19+10-1
- openjdk-21 21.0.11+10-1
@@ -6809,7 +6851,7 @@ CVE-2026-34270 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
CVE-2026-34269 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
NOT-FOR-US: Oracle
CVE-2026-34268 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
- {DSA-6237-1 DSA-6231-1}
+ {DSA-6246-1 DSA-6237-1 DSA-6231-1}
- openjdk-8 <unfixed> (bug #1134894)
- openjdk-11 11.0.31+11-1
- openjdk-17 17.0.19+10-1
@@ -6856,7 +6898,7 @@ CVE-2026-22746 (Vulnerability in Spring Spring Security. If an application is us
- libspring-security-2.0-java <removed>
NOTE: https://spring.io/security/cve-2026-22746
CVE-2026-22021 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
- {DSA-6237-1 DSA-6231-1}
+ {DSA-6246-1 DSA-6237-1 DSA-6231-1}
- openjdk-8 <unfixed> (bug #1134894)
- openjdk-11 11.0.31+11-1
- openjdk-17 17.0.19+10-1
@@ -6866,7 +6908,7 @@ CVE-2026-22021 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
CVE-2026-22019 (Vulnerability in the PeopleSoft Enterprise HCM Shared Components produ ...)
NOT-FOR-US: Oracle
CVE-2026-22018 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
- {DSA-6237-1 DSA-6231-1}
+ {DSA-6246-1 DSA-6237-1 DSA-6231-1}
- openjdk-8 <unfixed> (bug #1134894)
- openjdk-11 11.0.31+11-1
- openjdk-17 17.0.19+10-1
@@ -6876,7 +6918,7 @@ CVE-2026-22018 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
CVE-2026-22017 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 8.0.46-1 (bug #1134614)
CVE-2026-22016 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
- {DSA-6237-1 DSA-6231-1}
+ {DSA-6246-1 DSA-6237-1 DSA-6231-1}
- openjdk-8 <unfixed> (bug #1134894)
- openjdk-11 11.0.31+11-1
- openjdk-17 17.0.19+10-1
@@ -6888,7 +6930,7 @@ CVE-2026-22015 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
CVE-2026-22014 (Vulnerability in the Oracle User Management product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
CVE-2026-22013 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
- {DSA-6237-1 DSA-6231-1}
+ {DSA-6246-1 DSA-6237-1 DSA-6231-1}
- openjdk-8 <unfixed> (bug #1134894)
- openjdk-11 11.0.31+11-1
- openjdk-17 17.0.19+10-1
@@ -6902,10 +6944,11 @@ CVE-2026-22010 (Vulnerability in the Oracle Financial Services Analytical Applic
CVE-2026-22009 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 8.0.46-1 (bug #1134614)
CVE-2026-22008 (Vulnerability in Oracle Java SE (component: Libraries). The supporte ...)
+ {DSA-6246-1}
- openjdk-25 25.0.3+9-1
NOTE: https://openjdk.org/groups/vulnerability/advisories/2026-04-21
CVE-2026-22007 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
- {DSA-6237-1 DSA-6231-1}
+ {DSA-6246-1 DSA-6237-1 DSA-6231-1}
- openjdk-8 <unfixed> (bug #1134894)
- openjdk-11 11.0.31+11-1
- openjdk-17 17.0.19+10-1
@@ -10227,13 +10270,13 @@ CVE-2026-40312 (ImageMagick is free and open-source software used for editing an
NOTE: Introduced with: https://github.com/ImageMagick/ImageMagick6/commit/0e328007d2eeefb9ae24bc3f4442b1a2469d772e (6.9.13-39)
NOTE: Fix included in: https://github.com/ImageMagick/ImageMagick6/commit/74e89a3dad41f89dfa74399c0b087d3ee4e81f90 (6.9.13-39)
CVE-2026-40311 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1 (bug #1134627)
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r83h-crwp-3vm7
NOTE: https://github.com/ImageMagick/ImageMagick/commit/5facfecf1abb3fed46a08f614dcc43d1e548e20d (7.1.2-19)
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/ccf3cffe819616b39374594a7b5389fc2d49260d (6.9.13-44)
CVE-2026-40310 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1 (bug #1134627)
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pwg5-6jfc-crvh
NOTE: https://github.com/ImageMagick/ImageMagick/commit/3d653bea2df085c728a1c8f775808e1e9249dff9 (7.1.2-19)
@@ -10314,7 +10357,7 @@ CVE-2026-34257 (Due to an Open Redirect vulnerability in SAP NetWeaver Applicati
CVE-2026-34256 (Due to a missing authorization check in SAP ERP and SAP S/4HANA (Priva ...)
NOT-FOR-US: SAP
CVE-2026-34238 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-26qp-ffjh-2x4v
NOTE: https://github.com/ImageMagick/ImageMagick/commit/bcd8519c70ecd9ebbc180920f2cf97b267d1f440 (7.1.2-19)
@@ -10338,13 +10381,13 @@ CVE-2026-33947 (jq is a command-line JSON processor. In versions 1.8.1 and below
NOTE: https://github.com/jqlang/jq/security/advisories/GHSA-xwrw-4f8h-rjvg
NOTE: Fixed by: https://github.com/jqlang/jq/commit/fb59f1491058d58bdc3e8dd28f1773d1ac690a1f
CVE-2026-33908 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fwvm-ggf6-2p4x
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ccdc01180276aa2cb3d4a32a611aa4f417061cd8 (7.1.2-19)
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/4a8819a0e1c2768d592cb6e8584cadecf9cf536e (6.9.13-44)
CVE-2026-33905 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pcvx-ph33-r5vv
NOTE: https://github.com/ImageMagick/ImageMagick/commit/cca607366fb38c2dde019a9088b8415ffba3a835 (7.1.2-19)
@@ -10358,19 +10401,19 @@ CVE-2026-33902 (ImageMagick is free and open-source software used for editing an
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-f4qm-vj5j-9xpw
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d3c0a37485314c5ccef72efb18f3847cd53868ba (7.1.2-19)
CVE-2026-33901 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-x9h5-r9v2-vcww
NOTE: https://github.com/ImageMagick/ImageMagick/commit/4c72003e9e54a4ebaa938d239e75f5d285527ebe (7.1.2-19)
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/53db9565c648e71733a5c2cc2a4e8e8a4347d9cd (6.9.13-44)
CVE-2026-33900 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v67w-737x-v2c9
NOTE: https://github.com/ImageMagick/ImageMagick/commit/d27b840a61b322419a66d0d192ff56d52498148d (7.1.2-19)
NOTE: https://github.com/ImageMagick/ImageMagick6/commit/b6c01a5a23f1e350ebe2db78c7cc326db2e320c9 (6.9.13-45)
CVE-2026-33899 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6240-1 DLA-4559-1}
+ {DSA-6245-1 DSA-6240-1 DLA-4559-1}
- imagemagick 8:7.1.2.19+dfsg1-1
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cr67-pvmx-2pp2
NOTE: https://github.com/ImageMagick/ImageMagick/commit/ae679e2fd19ec656bfab9f822ae4cf06bf91604d (7.1.2-19)
@@ -35760,7 +35803,7 @@ CVE-2026-25982 (ImageMagick is free and open-source software used for editing an
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/b4c37614b6da7695cb4f5b3c6e326a37bdf2b1a9 (6.9.13-39)
NOTE: for imagemagick6 fix in included in a jumbo security patch with other fix like CVE-2026-25797
CVE-2026-25971 (ImageMagick is free and open-source software used for editing and mani ...)
- {DSA-6158-1 DLA-4539-1}
+ {DSA-6245-1 DSA-6158-1 DLA-4539-1}
- imagemagick 8:7.1.2.15+dfsg1-1
NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8mpr-6xr2-chhc
NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/9313e530b37272b748898febd42b5949756f0179 (7.1.2-14)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b26a268a9762b8dab491d511cb0063329b711b01
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b26a268a9762b8dab491d511cb0063329b711b01
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260503/28e27077/attachment.htm>
More information about the debian-security-tracker-commits
mailing list