[Git][security-tracker-team/security-tracker][master] Add new CVE for brace-expansion

Sun May 31 08:11:06 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e1d28706 by Salvatore Bonaccorso at 2026-05-31T09:10:48+02:00
Add new CVE for brace-expansion

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -160,7 +160,9 @@ CVE-2026-45294 (FreeScout is a free help desk and shared inbox built with PHP's
 CVE-2026-45151 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform.  ...)
 	NOT-FOR-US: NanoMQ MQTT Broker (NanoMQ)
 CVE-2026-45149 (The brace-expansion library generates arbitrary strings containing a c ...)
-	TODO: check
+	- node-brace-expansion <unfixed>
+	NOTE: https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-jxxr-4gwj-5jf2
+	TODO: check afffected versions
 CVE-2026-44640 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform.  ...)
 	NOT-FOR-US: NanoMQ MQTT Broker (NanoMQ)
 CVE-2026-44422 (FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1d287064044c4a5be7ab3c3a76d00d6f80c00cc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1d287064044c4a5be7ab3c3a76d00d6f80c00cc
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260531/f44f35c1/attachment.htm>
