(ofbiz-site) branch master updated: Add new CVEs to the security page

Tue, 19 May 2026 02:22:06 -0700 

This is an automated email from the ASF dual-hosted git repository.

jacopoc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git


The following commit(s) were added to refs/heads/master by this push:
     new a9b44fb  Add new CVEs to the security page
a9b44fb is described below

commit a9b44fb95b930b3ea4740caa094c2d47ae5f7d80
Author: Jacopo Cappellato <[email protected]>
AuthorDate: Tue May 19 11:19:10 2026 +0200

    Add new CVEs to the security page
---
 security.html                  | 17 +++++++++++++++++
 template/page/security.tpl.php | 17 +++++++++++++++++
 2 files changed, 34 insertions(+)

diff --git a/security.html b/security.html
index 81d4309..80e862a 100644
--- a/security.html
+++ b/security.html
@@ -157,6 +157,23 @@
              <h2>List of Known Vulnerabilities</h2>
             The following is a list of known security vulnerabilities in 
Apache OFBiz.
             <ul class="iconsList">
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-46586" 
target="external">CVE-2026-46586</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45434" 
target="external">CVE-2026-45434</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45187" 
target="external">CVE-2026-45187</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41919" 
target="external">CVE-2026-41919</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35086" 
target="external">CVE-2026-35086</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31986" 
target="external">CVE-2026-31986</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31910" 
target="external">CVE-2026-31910</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31909" 
target="external">CVE-2026-31909</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31906" 
target="external">CVE-2026-31906</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31388" 
target="external">CVE-2026-31388</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31387" 
target="external">CVE-2026-31387</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31380" 
target="external">CVE-2026-31380</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31379" 
target="external">CVE-2026-31379</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31378" 
target="external">CVE-2026-31378</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29226" 
target="external">CVE-2026-29226</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29220" 
target="external">CVE-2026-29220</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29207" 
target="external">CVE-2026-29207</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
                 <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61623" 
target="external">CVE-2025-61623</a>; affected releases before 24.09.03; fixed 
in 24.09.03 with commits <a 
href="https://github.com/apache/ofbiz-framework/commit/4c624298a6"; 
target="external">4c624298a6</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/e8ad44dc36"; 
target="external">e8ad44dc36</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/505c88cf45"; [...]
                 <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59118" 
target="external">CVE-2025-59118</a>; affected releases before 24.09.03; fixed 
in 24.09.03 with commits <a 
href="https://github.com/apache/ofbiz-framework/commit/e1d30e8f55"; 
target="external">e1d30e8f55</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/cfee3063b1"; 
target="external">cfee3063b1</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/fd6a3b8644"; [...]
                 <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54466" 
target="external">CVE-2025-54466</a>; affected releases before 24.09.02; fixed 
in 24.09.02 with commit <a 
href="https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=5a35b4f84f"; 
target="external">5a35b4f84f</a></li>
diff --git a/template/page/security.tpl.php b/template/page/security.tpl.php
index d71c9a0..fd75562 100644
--- a/template/page/security.tpl.php
+++ b/template/page/security.tpl.php
@@ -58,6 +58,23 @@
              <h2>List of Known Vulnerabilities</h2>
             The following is a list of known security vulnerabilities in 
Apache OFBiz.
             <ul class="iconsList">
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-46586" 
target="external">CVE-2026-46586</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45434" 
target="external">CVE-2026-45434</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45187" 
target="external">CVE-2026-45187</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41919" 
target="external">CVE-2026-41919</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35086" 
target="external">CVE-2026-35086</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31986" 
target="external">CVE-2026-31986</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31910" 
target="external">CVE-2026-31910</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31909" 
target="external">CVE-2026-31909</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31906" 
target="external">CVE-2026-31906</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31388" 
target="external">CVE-2026-31388</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31387" 
target="external">CVE-2026-31387</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31380" 
target="external">CVE-2026-31380</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31379" 
target="external">CVE-2026-31379</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31378" 
target="external">CVE-2026-31378</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29226" 
target="external">CVE-2026-29226</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29220" 
target="external">CVE-2026-29220</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
+                <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29207" 
target="external">CVE-2026-29207</a>; affected releases before 24.09.06; fixed 
in 24.09.06</li>
                 <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61623" 
target="external">CVE-2025-61623</a>; affected releases before 24.09.03; fixed 
in 24.09.03 with commits <a 
href="https://github.com/apache/ofbiz-framework/commit/4c624298a6"; 
target="external">4c624298a6</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/e8ad44dc36"; 
target="external">e8ad44dc36</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/505c88cf45"; [...]
                 <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59118" 
target="external">CVE-2025-59118</a>; affected releases before 24.09.03; fixed 
in 24.09.03 with commits <a 
href="https://github.com/apache/ofbiz-framework/commit/e1d30e8f55"; 
target="external">e1d30e8f55</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/cfee3063b1"; 
target="external">cfee3063b1</a>, <a 
href="https://github.com/apache/ofbiz-framework/commit/fd6a3b8644"; [...]
                 <li><i class="icon-pin"></i> <a 
href="//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54466" 
target="external">CVE-2025-54466</a>; affected releases before 24.09.02; fixed 
in 24.09.02 with commit <a 
href="https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=5a35b4f84f"; 
target="external">5a35b4f84f</a></li>

Reply via email to