[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for dovecot issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 13 22:10:15 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
12f05ec5 by Salvatore Bonaccorso at 2026-05-13T23:09:42+02:00
Add Debian bug reference for dovecot issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -784,7 +784,7 @@ CVE-2026-42048 (Langflow is a tool for building and deploying AI-powered agents
CVE-2026-42045 (LobeHub is a work-and-lifestyle space to find, build, and collaborate ...)
TODO: check
CVE-2026-42006 (An attacker can cause uncontrolled memory usage with excessive bracing ...)
- - dovecot <unfixed>
+ - dovecot <unfixed> (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
CVE-2026-41895 (changedetection.io is a free open source web page change detection too ...)
TODO: check
@@ -943,10 +943,10 @@ CVE-2026-40357 (Deserialization of untrusted data in Microsoft Office SharePoint
CVE-2026-40300 (Zulip is an open-source team collaboration tool. Prior to 12.0, With m ...)
TODO: check
CVE-2026-40020 (Attacker can use the IMAP SETACL command to inject the anyone permissi ...)
- - dovecot <unfixed>
+ - dovecot <unfixed> (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
CVE-2026-40016 (Attacker can upload a malicious Sieve script over ManageSieve service ...)
- - dovecot <unfixed>
+ - dovecot <unfixed> (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
CVE-2026-3604 (The WP SEO Structured Data Schema plugin for WordPress is vulnerable t ...)
NOT-FOR-US: WordPress plugin
@@ -1093,7 +1093,7 @@ CVE-2026-33833 (Improper neutralization of special elements in output used by a
CVE-2026-33821 (Improper privilege management in Microsoft Dynamics 365 Customer Insig ...)
NOT-FOR-US: Microsoft
CVE-2026-33603 (Attacker can use a specially crafted base64 exchange between Dovecot a ...)
- - dovecot <unfixed>
+ - dovecot <unfixed> (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
CVE-2026-33117 (Improper authentication in Azure SDK allows an unauthorized attacker t ...)
NOT-FOR-US: Microsoft
@@ -1198,7 +1198,7 @@ CVE-2026-2300 (The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cro
CVE-2026-29204 (Insufficient ownership check in `clientarea.php` allows an authenticat ...)
TODO: check
CVE-2026-27851 (When safe filter is used with variable expansion, all following pipeli ...)
- - dovecot <unfixed>
+ - dovecot <unfixed> (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
CVE-2026-27662 (Affected devices do not properly restrict access to the web browser vi ...)
NOT-FOR-US: Siemens
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12f05ec5920f26b7d40524e8cfbc893b372f5ec3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12f05ec5920f26b7d40524e8cfbc893b372f5ec3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260513/6a3ebfe6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list