[Git][security-tracker-team/security-tracker][master] Add new modsecurity issue, CVE-2026-42268

Thu May 7 09:19:10 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8e294f0b by Salvatore Bonaccorso at 2026-05-07T10:18:26+02:00
Add new modsecurity issue, CVE-2026-42268

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2107,6 +2107,9 @@ CVE-2026-31196 (The traceroute diagnostic handler in /bin/httpd_clientside for A
 	NOT-FOR-US: ALTICE
 CVE-2026-31195 (The ping diagnostic handler in /bin/httpd_clientside for ALTICE LABS / ...)
 	NOT-FOR-US: ALTICE
+CVE-2026-42268 [Unsigned integer underflow in @verifySSN / @verifyCPF / @verifySVNR operators ]
+	- modsecurity <unfixed>
+	NOTE: https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-vwr3-7x7g-7p9w
 CVE-2026-30923 (ModSecurity is an open source, cross platform web application firewall ...)
 	- modsecurity <unfixed>
 	NOTE: https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-qrjc-3jpc-3h2g



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e294f0b09d8b3124c7f275cd5368dda2d3870d3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e294f0b09d8b3124c7f275cd5368dda2d3870d3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260507/5c2cd18b/attachment.htm>
