[Git][security-tracker-team/security-tracker][master] Add two new node-mermaid issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 30 07:59:54 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
408e87fb by Salvatore Bonaccorso at 2026-05-30T08:59:33+02:00
Add two new node-mermaid issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -239,9 +239,15 @@ CVE-2026-42941 (TheDanelec MacGregor Voyage Data Recorder device includes a def
CVE-2026-42929 (Danelec MacGregor Voyage Data Recorder includes default accounts with ...)
NOT-FOR-US: Danelec
CVE-2026-41159 (Mermaid is a JavaScript tool that uses Markdown-inspired text to creat ...)
- TODO: check
+ - node-mermaid <removed>
+ NOTE: https://github.com/mermaid-js/mermaid/security/advisories/GHSA-87f9-hvmw-gh4p
+ NOTE: https://github.com/mermaid-js/mermaid/commit/64769738d5b59211e1decb471ffbaca8afec51aa (mermaid at 11.15.0)
+ NOTE: https://github.com/mermaid-js/mermaid/commit/a9d9f0d8eb790349121508688cd338253fd80d76 (v10.9.6)
CVE-2026-41150 (Mermaid is a JavaScript tool that uses Markdown-inspired text to creat ...)
- TODO: check
+ - node-mermaid <removed>
+ NOTE: https://github.com/mermaid-js/mermaid/security/advisories/GHSA-6m6c-36f7-fhxh
+ NOTE: https://github.com/mermaid-js/mermaid/commit/faafb5d49106dd32c367f3882505f2dd625aa30e (mermaid at 11.15.0)
+ NOTE: https://github.com/mermaid-js/mermaid/commit/a59ea56174712ee5430dfd5bc877cb5151f501a6 (v10.9.6)
CVE-2026-40528 (OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and he ...)
TODO: check
CVE-2026-40510 (OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack bu ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/408e87fbfd9c6ac5d30dfaaf7ba04210fe3b18c8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/408e87fbfd9c6ac5d30dfaaf7ba04210fe3b18c8
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260530/8bf4755a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list