[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun May 10 08:13:17 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f4f29387 by security tracker role at 2026-05-10T07:13:11+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,101 @@
+CVE-2026-8235 (A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This iss ...)
+ TODO: check
+CVE-2026-8234 (A security vulnerability has been detected in EFM ipTIME A8004T 14.18. ...)
+ TODO: check
+CVE-2026-8233 (A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7 ...)
+ TODO: check
+CVE-2026-8232 (A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. T ...)
+ TODO: check
+CVE-2026-8231 (A vulnerability has been found in CodeAstro Online Catering Ordering S ...)
+ TODO: check
+CVE-2026-8230 (A flaw has been found in Wavlink NU516U1 240425. The impacted element ...)
+ TODO: check
+CVE-2026-8229 (A vulnerability was detected in Wavlink NU516U1 240425. The affected e ...)
+ TODO: check
+CVE-2026-8228 (A security vulnerability has been detected in Wavlink NU516U1 240425. ...)
+ TODO: check
+CVE-2026-8227 (A weakness has been identified in Wavlink NU516U1 240425. This issue a ...)
+ TODO: check
+CVE-2026-8226 (A security flaw has been discovered in Open5GS up to 2.7.7. This vulne ...)
+ TODO: check
+CVE-2026-8225 (A vulnerability was identified in Open5GS up to 2.7.7. This affects th ...)
+ TODO: check
+CVE-2026-8224 (A vulnerability was determined in Open5GS up to 2.7.7. Affected by thi ...)
+ TODO: check
+CVE-2026-8223 (A vulnerability was found in Open5GS up to 2.7.7. Affected by this vul ...)
+ TODO: check
+CVE-2026-8222 (A vulnerability has been found in Open5GS up to 2.7.7. Affected is the ...)
+ TODO: check
+CVE-2026-8221 (A flaw has been found in Devs Palace ERP Online up to 4.0.0. This impa ...)
+ TODO: check
+CVE-2026-8220 (A vulnerability was detected in Devs Palace ERP Online up to 4.0.0. Th ...)
+ TODO: check
+CVE-2026-8219 (A security vulnerability has been detected in Devs Palace ERP Online u ...)
+ TODO: check
+CVE-2026-8218 (A weakness has been identified in Devs Palace ERP Online up to 4.0.0. ...)
+ TODO: check
+CVE-2026-8217 (A security flaw has been discovered in Industrial Application Software ...)
+ TODO: check
+CVE-2026-8216 (A vulnerability was identified in Industrial Application Software IAS ...)
+ TODO: check
+CVE-2026-8215 (A vulnerability was determined in Industrial Application Software IAS ...)
+ TODO: check
+CVE-2026-8214 (A vulnerability was found in Industrial Application Software IAS Cania ...)
+ TODO: check
+CVE-2026-8213 (A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affect ...)
+ TODO: check
+CVE-2026-8212 (A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by thi ...)
+ TODO: check
+CVE-2026-8211 (A vulnerability was detected in codelibs Fess up to 15.5.1. Affected b ...)
+ TODO: check
+CVE-2026-8210 (A security vulnerability has been detected in aandrew-me tgpt up to 2. ...)
+ TODO: check
+CVE-2026-8196 (A flaw has been found in JeecgBoot 3.9.1. The impacted element is an u ...)
+ TODO: check
+CVE-2026-8195 (A vulnerability was detected in JeecgBoot up to 3.9.1. The affected el ...)
+ TODO: check
+CVE-2026-8194 (A security vulnerability has been detected in osTicket up to 1.18.3. I ...)
+ TODO: check
+CVE-2026-45186 (In libexpat before 2.8.1, the computational complexity of attribute na ...)
+ TODO: check
+CVE-2026-45184 (Kdenlive before 26.04.1 allows dangerous proxy parameters when an atta ...)
+ TODO: check
+CVE-2026-45182 (GrapheneOS before 2026050400 allows attackers to discover the real IP ...)
+ TODO: check
+CVE-2026-45181 (Hex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not block Clang depend ...)
+ TODO: check
+CVE-2026-42606 (AzuraCast is a self-hosted, all-in-one web radio management suite. Pri ...)
+ TODO: check
+CVE-2026-42605 (AzuraCast is a self-hosted, all-in-one web radio management suite. Pri ...)
+ TODO: check
+CVE-2026-42601 (ArchiveBox is an open source self-hosted web archiving system. In vers ...)
+ TODO: check
+CVE-2026-42576 (apko allows users to build and publish OCI container images built from ...)
+ TODO: check
+CVE-2026-42575 (apko allows users to build and publish OCI container images built from ...)
+ TODO: check
+CVE-2026-42574 (apko allows users to build and publish OCI container images built from ...)
+ TODO: check
+CVE-2026-42571 (Pelican is a platform for creating data federations. From versions 7.2 ...)
+ TODO: check
+CVE-2026-42569 (phpVMS is a PHP application to run and simulate an airline. Prior to v ...)
+ TODO: check
+CVE-2026-42562 (Plainpad is a self hosted note taking app. Prior to version 1.1.1, Pla ...)
+ TODO: check
+CVE-2026-42333 (Quarkus OpenAPI Generator is Quarkus' extensions for generation of Res ...)
+ TODO: check
+CVE-2026-42258 (Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ...)
+ TODO: check
+CVE-2026-42257 (Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ...)
+ TODO: check
+CVE-2026-42256 (Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ...)
+ TODO: check
+CVE-2026-42246 (Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ...)
+ TODO: check
+CVE-2026-42245 (Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ...)
+ TODO: check
+CVE-2026-41893 (Signal K Server is a server application that runs on a central hub in ...)
+ TODO: check
CVE-2026-8198 (The Activity Logs, User Activity Tracking, Multisite Activity Log from ...)
NOT-FOR-US: WordPress plugin
CVE-2026-8193 (A weakness has been identified in Akaunting 3.1.21. This issue affects ...)
@@ -1489,7 +1587,7 @@ CVE-2026-43500 [rxrpc: Also unshare DATA/RESPONSE packets when paged frags are p
CVE-2026-43284 (In the Linux kernel, the following vulnerability has been resolved: x ...)
{DSA-6258-1 DSA-6253-1 DLA-4574-1 DLA-4572-1}
- linux 7.0.4-1
-CVE-2026-7258
+CVE-2026-7258 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
@@ -1499,63 +1597,63 @@ CVE-2026-7258
NOTE: https://github.com/php/php-src/commit/dc9e21b81c143faa9677bb0cf157e83960a24d0d
NOTE: https://github.com/php/php-src/commit/398b7dabfbd2e8f4f4ed2065dbcf3e3794e8ca47
NOTE: https://github.com/php/php-src/commit/a38418777f65780d9d622197677e90567690fc07
-CVE-2026-7568
+CVE-2026-7568 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-96wq-48vp-hh57
NOTE: https://github.com/php/php-src/commit/47def8ce1db1fdbffcfc1f5bb11877a0e22d4b32
-CVE-2026-7262
+CVE-2026-7262 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-hmxp-6pc4-f3vv
NOTE: https://github.com/php/php-src/commit/79551ab8b1a97760c739e372f9bc359619f3554d
-CVE-2026-7261
+CVE-2026-7261 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
- php7.4 <removed>
NOTE: https://github.com/php/php-src/commit/db2a7f9348fd5dda5fd162061786a664c417bf5b
NOTE: https://github.com/php/php-src/security/advisories/GHSA-m33r-qmcv-p97q
-CVE-2026-6722
+CVE-2026-6722 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-85c2-q967-79q5
NOTE: https://github.com/php/php-src/commit/aee3b3ac9b816b0def1c462695b483b49a83148e
-CVE-2025-14179
+CVE-2025-14179 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-w476-322c-wpvm
NOTE: https://github.com/php/php-src/commit/3f40b65323dd1b85e9bab6878237d3867e449d5c
-CVE-2026-6104
+CVE-2026-6104 (In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an en ...)
{DSA-6256-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <not-affected> (Only affects 8.4 and later)
- php7.4 <not-affected> (Only affects 8.4 and later)
NOTE: https://github.com/php/php-src/security/advisories/GHSA-74r9-qxhc-fx53
NOTE: https://github.com/php/php-src/commit/56ee76f82045ab728f3e63e20bf9530621e829cb
-CVE-2026-7259
+CVE-2026-7259 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-wm6j-2649-pv75
NOTE: https://github.com/php/php-src/commit/79a054eae016c56409432e69aebc8ca908a88838
-CVE-2026-6735
+CVE-2026-6735 (In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before ...)
{DSA-6256-1 DSA-6255-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <removed>
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-7qg2-v9fj-4mwv
NOTE: https://github.com/php/php-src/commit/99a5ad7441de9914246c7863adb6997396008b9d
-CVE-2026-7263
+CVE-2026-7263 (In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C ...)
{DSA-6256-1}
- php8.4 8.4.21-1 (bug #1136054)
- php8.2 <not-affected> (Only affects 8.4 and later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4f29387d775c2dac2d1bfa8beb3f4c8e41e5e8f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4f29387d775c2dac2d1bfa8beb3f4c8e41e5e8f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260510/1a4b999d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list