[Git][security-tracker-team/security-tracker][master] Add CVE-2026-39824/golang-golang-x-sys
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 23 08:45:33 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
701065e0 by Salvatore Bonaccorso at 2026-05-23T09:44:58+02:00
Add CVE-2026-39824/golang-golang-x-sys
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -69,7 +69,9 @@ CVE-2026-40295 (Devise is an authentication solution for Rails based on Warden.
CVE-2026-3294 (An authentication logic vulnerability in multiple TP-Link range extend ...)
NOT-FOR-US: TPLink
CVE-2026-39824 (NewNTUnicodeString does not check for string length overflow. When pro ...)
- TODO: check
+ - golang-golang-x-sys <not-affected> (Only affects golang.org/x/sys on Windows)
+ NOTE: https://groups.google.com/g/golang-announce/c/6MMI8Lj-Atg
+ NOTE: https://github.com/golang/go/issues/78916
CVE-2026-35430 (Authorization bypass through user-controlled key in Azure Privileged I ...)
NOT-FOR-US: Microsoft
CVE-2026-33843 (Authentication bypass using an alternate path or channel in Microsoft ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/701065e052a2615d15ae440e79ef84fe5b4aef32
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/701065e052a2615d15ae440e79ef84fe5b4aef32
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260523/2661a8e2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list