[Git][security-tracker-team/security-tracker][master] CVE-2026-41148,CVE-2026-41149/node-mermaid: bullseye postponed

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Sat May 23 09:30:30 BST 2026 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
480945ca by Sylvain Beucler at 2026-05-23T10:29:59+02:00
CVE-2026-41148,CVE-2026-41149/node-mermaid: bullseye postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22,11 +22,13 @@ CVE-2026-42827 (Improper neutralization of special elements used in a command ('
 	NOT-FOR-US: Microsoft
 CVE-2026-41149 (Mermaid is a JavaScript tool that uses Markdown-inspired text to creat ...)
 	- node-mermaid <removed>
+	[bullseye] - node-mermaid <postponed> (Minor issue, no rdeps)
 	NOTE: https://github.com/mermaid-js/mermaid/security/advisories/GHSA-ghcm-xqfw-q4vr
 	NOTE: Fixed by: https://github.com/mermaid-js/mermaid/commit/37ff937f1da2e19f882fd1db01235db4d01f4056 (mermaid at 11.15.0)
 	NOTE: Fixed by: https://github.com/mermaid-js/mermaid/commit/4e2d512bf5bf6f9de1a8f0a48da78dc4d09ac4f3 (v10.9.6)
 CVE-2026-41148 (Mermaid is a JavaScript tool that uses Markdown-inspired text to creat ...)
 	- node-mermaid <removed>
+	[bullseye] - node-mermaid <postponed> (Minor issue, no rdeps)
 	NOTE: https://github.com/mermaid-js/mermaid/security/advisories/GHSA-xcj9-5m2h-648r
 	NOTE: Fixed by: https://github.com/mermaid-js/mermaid/commit/e9b0f34d8d82a6260077764ee45e1d7d90957a0f (mermaid at 11.15.0)
 	NOTE: Fixed by: https://github.com/mermaid-js/mermaid/commit/8fead23c59166b7bab6a39eac81acebee2859102 (v10.9.6)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/480945ca9c2311569955a9d7f3e831d43ccdca33

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/480945ca9c2311569955a9d7f3e831d43ccdca33
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260523/9dd57afb/attachment.htm>

More information about the debian-security-tracker-commits mailing list