Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09ece072 by security tracker role at 2026-06-05T19:13:30+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,1128 @@
-CVE-2026-50593
+CVE-2026-9270 (DataDog::DogStatsd versions through 0.07 for Perl allow metric
injecti ...)
+ TODO: check
+CVE-2026-9088 (A flaw was found in org.keycloak.services. An administrator
with deleg ...)
+ TODO: check
+CVE-2026-8914 (In Teltonika Networks RUTOS devices, running versions 7.22
through 7.2 ...)
+ TODO: check
+CVE-2026-8714 (A denial-of-service vulnerability exists in the RTSP server
component ...)
+ TODO: check
+CVE-2026-7763 (A heap-based buffer overflow vulnerability in the morse.ko
HaLow Wi-Fi ...)
+ TODO: check
+CVE-2026-7762 (A heap-based buffer overflow vulnerability in the dot11ah.ko
HaLow Wi- ...)
+ TODO: check
+CVE-2026-7473 (On affected platforms running Arista EOS where a tunnel
decapsulation ...)
+ TODO: check
+CVE-2026-6274 (Improper Authentication, Missing authentication for critical
function, ...)
+ TODO: check
+CVE-2026-6209
+ REJECTED
+CVE-2026-6208
+ REJECTED
+CVE-2026-6207
+ REJECTED
+CVE-2026-5589 (An integer underflow in bt_mesh_sol_recv() in the Bluetooth
Mesh solic ...)
+ TODO: check
+CVE-2026-5415 (The WP Captcha PRO (the premium version of the Advanced Google
reCAPTC ...)
+ TODO: check
+CVE-2026-5411 (The WP Captcha PRO (the premium version of the Advanced Google
reCAPTC ...)
+ TODO: check
+CVE-2026-5066 (A potential out-of-bounds write/read exists in the TLS socket
connect ...)
+ TODO: check
+CVE-2026-50733 (Markdown Preview Enhanced before 0.8.28 parses WaveDrom
diagrams by ev ...)
+ TODO: check
+CVE-2026-50590 (In Mimecast Incydr before 2.6.0, arbitrary file access can
occur.)
+ TODO: check
+CVE-2026-50589 (In OpenStack Ironic 32 through 35.0.1, an unauthenticated
malicious us ...)
+ TODO: check
+CVE-2026-50265 (A flaw was found in libinput. A local attacker with access to
/dev/uin ...)
+ TODO: check
+CVE-2026-50235 (Lyrion Music Server 9.2.0 contains a reflected cross-site
scripting vu ...)
+ TODO: check
+CVE-2026-50234 (Lyrion Music Server 9.2.0 contains a path traversal
vulnerability that ...)
+ TODO: check
+CVE-2026-50233 (Lyrion Music Server 9.2.0 contains an arbitrary directory
listing vuln ...)
+ TODO: check
+CVE-2026-50232 (Lyrion Music Server 9.2.0 contains a stored cross-site
scripting vulne ...)
+ TODO: check
+CVE-2026-50231 (Lyrion Music Server 9.2.0 contains an unauthenticated stored
cross-sit ...)
+ TODO: check
+CVE-2026-50230 (Lyrion Music Server 9.2.0 contains an unauthenticated
reflected cross- ...)
+ TODO: check
+CVE-2026-49777 (Improper Validation of Specified Quantity in Input
vulnerability in Sh ...)
+ TODO: check
+CVE-2026-49493 (Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced
code bl ...)
+ TODO: check
+CVE-2026-49492 (Markdown Preview Enhanced before 0.8.28 opens external files
and links ...)
+ TODO: check
+CVE-2026-48907 (A vulnerability in the JCE editor extension for Joomla allows
the crea ...)
+ TODO: check
+CVE-2026-48579 (Improper authorization in Microsoft Exchange Online allows an
unauthor ...)
+ TODO: check
+CVE-2026-48567 (Authentication bypass by spoofing in Azure HorizonDB allows an
unautho ...)
+ TODO: check
+CVE-2026-47655 (Exposure of sensitive information to an unauthorized actor in
Microsof ...)
+ TODO: check
+CVE-2026-47644 (Improper neutralization of special elements in output used by
a downst ...)
+ TODO: check
+CVE-2026-46511 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. P ...)
+ TODO: check
+CVE-2026-46496 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. A ...)
+ TODO: check
+CVE-2026-46399 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. T ...)
+ TODO: check
+CVE-2026-46396 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. A ...)
+ TODO: check
+CVE-2026-46395 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. P ...)
+ TODO: check
+CVE-2026-46394 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. P ...)
+ TODO: check
+CVE-2026-46393 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. A ...)
+ TODO: check
+CVE-2026-46392 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. P ...)
+ TODO: check
+CVE-2026-46391 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. S ...)
+ TODO: check
+CVE-2026-46390 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. S ...)
+ TODO: check
+CVE-2026-46389 (UDS Identity Config builds the Keycloak configuration image
(realm, pl ...)
+ TODO: check
+CVE-2026-45750 (Termix is a web-based server management platform with SSH
terminal, tu ...)
+ TODO: check
+CVE-2026-45749 (Termix is a web-based server management platform with SSH
terminal, tu ...)
+ TODO: check
+CVE-2026-45748 (Termix is a web-based server management platform with SSH
terminal, tu ...)
+ TODO: check
+CVE-2026-45746 (Termix is a web-based server management platform with SSH
terminal, tu ...)
+ TODO: check
+CVE-2026-45745 (Termix is a web-based server management platform with SSH
terminal, tu ...)
+ TODO: check
+CVE-2026-45744 (Termix is a web-based server management platform with SSH
terminal, tu ...)
+ TODO: check
+CVE-2026-45743 (Termix is a web-based server management platform with SSH
terminal, tu ...)
+ TODO: check
+CVE-2026-45497 (Improper neutralization of special elements used in a command
('comman ...)
+ TODO: check
+CVE-2026-45327 (TinyIce is a streaming server for audio and video. In versions
0.8.95 ...)
+ TODO: check
+CVE-2026-45291 (Cloudburst Network provides network components used within
Cloudburst ...)
+ TODO: check
+CVE-2026-45290 (Cloudburst Network provides network components used within
Cloudburst ...)
+ TODO: check
+CVE-2026-42824 (Improper neutralization of special elements used in a command
('comman ...)
+ TODO: check
+CVE-2026-41567 (Moby is an open source container framework. In versions prior
to 29.5. ...)
+ TODO: check
+CVE-2026-41522 (Iris is a web collaborative platform that helps incident
responders sh ...)
+ TODO: check
+CVE-2026-41518 (Chartbrew is an open-source web application that can connect
directly ...)
+ TODO: check
+CVE-2026-41249 (CoreShop is a Pimcore enhanced eCommerce solution. In versions
5.0.1 t ...)
+ TODO: check
+CVE-2026-38579 (Multiple reflected Cross-Site Scripting (XSS) vulnerabilities
in damas ...)
+ TODO: check
+CVE-2026-38500
+ REJECTED
+CVE-2026-37737 (sanic-cors version 2.2.0 and prior contains an improper
regular expres ...)
+ TODO: check
+CVE-2026-36501 (An issue in the Externalizable.readExternal() component of
Controller ...)
+ TODO: check
+CVE-2026-36500 (An issue in the cluster-admin:backup-datastore component of
Controller ...)
+ TODO: check
+CVE-2026-2379 (On affected platforms with hardware IPSec support running
Arista EOS w ...)
+ TODO: check
+CVE-2026-25659 (Ericsson Packet Core Gateway (PCG) versions prior to 1.30
contain an I ...)
+ TODO: check
+CVE-2026-25658 (Ericsson Packet Core Gateway (PCG) versions prior to 1.30
contain an I ...)
+ TODO: check
+CVE-2026-25657 (Ericsson Packet Core Gateway (PCG) versions prior to 1.30
contain an I ...)
+ TODO: check
+CVE-2026-21837 (HCL Digital Experience is affected by an OS command injection
vulnerab ...)
+ TODO: check
+CVE-2026-21826 (HCL Digital Experience and HCL Digital Experience Compose
could be sus ...)
+ TODO: check
+CVE-2026-21825 (HCL Digital Experience Compose is affected by a reflected
cross-site s ...)
+ TODO: check
+CVE-2026-21404 (NAVTOR NavBox through version 4.16.1.20 contains hard-coded
credential ...)
+ TODO: check
+CVE-2026-21038 (Improper input validation in Samsung Android USB Driver for
Windows pr ...)
+ TODO: check
+CVE-2026-21037 (Improper input validation in Samsung Members prior to version
5.8.01.5 ...)
+ TODO: check
+CVE-2026-21036 (Improper authorization in Samsung Internet prior to version
30.0.0.39 ...)
+ TODO: check
+CVE-2026-21035 (Improper input validation in Samsung Plus TV prior to version
1.0.28.6 ...)
+ TODO: check
+CVE-2026-21034 (Improper export of android application components in Samsung
Auto prio ...)
+ TODO: check
+CVE-2026-21033 (Improper export of android application components in
ExpressHomeWidget ...)
+ TODO: check
+CVE-2026-21032 (Improper export of android application components in
SmartHomeWidgetRe ...)
+ TODO: check
+CVE-2026-21031 (Improper authorization in AppBlock prior to SMR Jun-2026
Release 1 all ...)
+ TODO: check
+CVE-2026-21030 (Improper access control in MediaTek Audio HAL prior to SMR
Jun-2026 Re ...)
+ TODO: check
+CVE-2026-21029 (Improper export of android application components in Galaxy
Editing Se ...)
+ TODO: check
+CVE-2026-21028 (Improper access control in AuditLogService prior to SMR
Jun-2026 Relea ...)
+ TODO: check
+CVE-2026-21027 (Improper export of android application components in
ImsSettings prior ...)
+ TODO: check
+CVE-2026-21026 (Improper export of android application components in
SpriteWallpaper p ...)
+ TODO: check
+CVE-2026-21025 (Incorrect privilege assignment in Telephony prior to SMR
Jun-2026 Rele ...)
+ TODO: check
+CVE-2026-21017 (Improper handling of insufficient privileges in
SecTelephonyProvider p ...)
+ TODO: check
+CVE-2026-20245 (A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager,
formerly ...)
+ TODO: check
+CVE-2026-11369 (The Comment API (GET /api/Comment and POST /api/Comment) in
the affect ...)
+ TODO: check
+CVE-2026-11362 (DataDog::DogStatsd versions through 0.07 for Perl allow metric
injecti ...)
+ TODO: check
+CVE-2026-11347 (The linqi application contains hardcoded cryptographic keys.
Additiona ...)
+ TODO: check
+CVE-2026-11346 (A Server-Side Request Forgery (SSRF) vulnerability in the
custom proce ...)
+ TODO: check
+CVE-2026-11345 (An Improper Authentication vulnerability in the
/api/Cdn/GetFile endpo ...)
+ TODO: check
+CVE-2026-11344 (A vulnerability was found in code-projects Vehicle Management
System 1 ...)
+ TODO: check
+CVE-2026-11342 (A vulnerability has been found in code-projects Hotel and
Tourism Rese ...)
+ TODO: check
+CVE-2026-11341 (A flaw has been found in D-Link DWR-M920 up to 1.1.50. The
impacted el ...)
+ TODO: check
+CVE-2026-11339 (A vulnerability was detected in D-Link DWR-M920 up to 1.1.50.
The affe ...)
+ TODO: check
+CVE-2026-11338 (A security vulnerability has been detected in SourceCodester
Ship Ferr ...)
+ TODO: check
+CVE-2026-11337 (A vulnerability was found in tittuvarghese
CollegeManagementSystem 3e4 ...)
+ TODO: check
+CVE-2026-11336 (A vulnerability has been found in tittuvarghese
CollegeManagementSyste ...)
+ TODO: check
+CVE-2026-11335 (A flaw has been found in tittuvarghese CollegeManagementSystem
3e47633 ...)
+ TODO: check
+CVE-2026-11334 (A vulnerability was detected in tittuvarghese
CollegeManagementSystem ...)
+ TODO: check
+CVE-2026-11333 (A security vulnerability has been detected in tittuvarghese
CollegeMan ...)
+ TODO: check
+CVE-2026-11332 (A flaw was found in ansible-core. The ansible-galaxy role
install comm ...)
+ TODO: check
+CVE-2026-11330 (A weakness has been identified in thedotmack claude-mem up to
11.0.1. ...)
+ TODO: check
+CVE-2026-11329 (A vulnerability has been found in onnx onnx-mlir up to
0.5.0.0. Affect ...)
+ TODO: check
+CVE-2026-11326 (OpenAI Atlas before 1.2025.288.15 exposed privileged browser
APIs to w ...)
+ TODO: check
+CVE-2026-11322 (Hermes WebUI prior to v0.51.221 contains a path traversal
vulnerabilit ...)
+ TODO: check
+CVE-2026-11312 (A vulnerability was found in bytedance InfiniStore up to
0.2.33. The i ...)
+ TODO: check
+CVE-2026-11309 (Insufficient policy enforcement in History in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11308 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11307 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11306 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11305 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11304 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11303 (Use after free in PDFium in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11302 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
+ TODO: check
+CVE-2026-11301 (Inappropriate implementation in LiveCaption in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11300 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11299 (Integer overflow in Fonts in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11298 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ TODO: check
+CVE-2026-11297 (Insufficient validation of untrusted input in Reader Mode in
Google Ch ...)
+ TODO: check
+CVE-2026-11296 (Inappropriate implementation in ImageCapture in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11295 (Inappropriate implementation in WebView in Google Chrome on
Android pr ...)
+ TODO: check
+CVE-2026-11294 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11293 (Use after free in Input in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11292 (Insufficient policy enforcement in Blink in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11291 (Inappropriate implementation in Android Autofill in Google
Chrome on A ...)
+ TODO: check
+CVE-2026-11290 (Integer overflow in WebView in Google Chrome on Android prior
to 149.0 ...)
+ TODO: check
+CVE-2026-11289 (Side-channel information leakage in Paint in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11288 (Insufficient policy enforcement in CSS in Google Chrome prior
to 149.0 ...)
+ TODO: check
+CVE-2026-11287 (Insufficient policy enforcement in Navigation in Google Chrome
on Andr ...)
+ TODO: check
+CVE-2026-11286 (Insufficient validation of untrusted input in Wallet in Google
Chrome ...)
+ TODO: check
+CVE-2026-11285 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ TODO: check
+CVE-2026-11284 (Side-channel information leakage in PerformanceAPIs in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11283 (Insufficient validation of untrusted input in Shortcuts in
Google Chro ...)
+ TODO: check
+CVE-2026-11282 (Insufficient policy enforcement in Sandbox in Google Chrome on
Linux p ...)
+ TODO: check
+CVE-2026-11281 (Integer overflow in Chromoting in Google Chrome on Windows
prior to 14 ...)
+ TODO: check
+CVE-2026-11280 (Inappropriate implementation in Signin in Google Chrome on iOS
prior t ...)
+ TODO: check
+CVE-2026-11279 (Out of bounds read in DevTools in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-11278 (Inappropriate implementation in CustomTabs in Google Chrome on
Android ...)
+ TODO: check
+CVE-2026-11277 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
+ TODO: check
+CVE-2026-11276 (Inappropriate implementation in Cast in Google Chrome prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11275 (Inappropriate implementation in Page Info in Google Chrome on
Android ...)
+ TODO: check
+CVE-2026-11274 (Inappropriate implementation in DOM Distiller in Google Chrome
on iOS ...)
+ TODO: check
+CVE-2026-11273 (Insufficient validation of untrusted input in Omnibox in
Google Chrome ...)
+ TODO: check
+CVE-2026-11272 (Insufficient validation of untrusted input in Reading List in
Google C ...)
+ TODO: check
+CVE-2026-11271 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11270 (Inappropriate implementation in UI in Google Chrome on Android
prior t ...)
+ TODO: check
+CVE-2026-11269 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11268 (Uninitialized Use in ANGLE in Google Chrome on Windows prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11267 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ TODO: check
+CVE-2026-11266 (Inappropriate implementation in SafeBrowsing in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11265 (Inappropriate implementation in Autofill in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11264 (Policy bypass in Content Security Policy in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11263 (Insufficient policy enforcement in WebAuthentication in Google
Chrome ...)
+ TODO: check
+CVE-2026-11262 (Use after free in TabStrip in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11261 (Inappropriate implementation in PDF in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11260 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11259 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
+ TODO: check
+CVE-2026-11258 (Inappropriate implementation in File System Access in Google
Chrome pr ...)
+ TODO: check
+CVE-2026-11257 (Inappropriate implementation in Browser in Google Chrome prior
to 149. ...)
+ TODO: check
+CVE-2026-11256 (Integer overflow in GPU in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11255 (Insufficient validation of untrusted input in Storage Access
API in Go ...)
+ TODO: check
+CVE-2026-11254 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11253 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11252 (Insufficient policy enforcement in Content Settings in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11251 (Insufficient policy enforcement in Password Manager in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11250 (Inappropriate implementation in DevTools in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11249 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11248 (Inappropriate implementation in Google Lens in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11247 (Insufficient policy enforcement in CustomTabs in Google Chrome
on Andr ...)
+ TODO: check
+CVE-2026-11246 (Insufficient validation of untrusted input in IndexedDB in
Google Chro ...)
+ TODO: check
+CVE-2026-11245 (Inappropriate implementation in Payments in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11244 (Insufficient validation of untrusted input in
WebAuthentication in Goo ...)
+ TODO: check
+CVE-2026-11243 (Inappropriate implementation in Downloads in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11242 (Insufficient validation of untrusted input in Plugins in
Google Chrome ...)
+ TODO: check
+CVE-2026-11241 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
+ TODO: check
+CVE-2026-11240 (Insufficient validation of untrusted input in Loader in Google
Chrome ...)
+ TODO: check
+CVE-2026-11239 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11238 (Inappropriate implementation in DevTools in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11237 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11236 (Insufficient policy enforcement in Web Bluetooth in Google
Chrome prio ...)
+ TODO: check
+CVE-2026-11235 (Insufficient policy enforcement in Compositing in Google
Chrome prior ...)
+ TODO: check
+CVE-2026-11234 (Inappropriate implementation in FoldableAPIs in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11233 (Insufficient policy enforcement in FoldableAPIs in Google
Chrome prior ...)
+ TODO: check
+CVE-2026-11232 (Inappropriate implementation in TabGroups in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11231 (Inappropriate implementation in Safe Browsing in Google Chrome
on Mac ...)
+ TODO: check
+CVE-2026-11230 (Use after free in Extensions in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-11229 (Inappropriate implementation in Enterprise in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11228 (Inappropriate implementation in File Input in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11227 (Incorrect security UI in Tab Hover Cards in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11226 (Insufficient policy enforcement in PreviewTab in Google Chrome
on Andr ...)
+ TODO: check
+CVE-2026-11225 (Inappropriate implementation in WebUI in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11224 (Use after free in Chromoting in Google Chrome on Linux prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11223 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
+ TODO: check
+CVE-2026-11222 (Incorrect security UI in Tab Strip in Google Chrome prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-11221 (Insufficient validation of untrusted input in PointerLock in
Google Ch ...)
+ TODO: check
+CVE-2026-11220 (Insufficient validation of untrusted input in Navigation in
Google Chr ...)
+ TODO: check
+CVE-2026-11219 (Inappropriate implementation in Navigation in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11218 (Inappropriate implementation in PlatformIntegration in Google
Chrome o ...)
+ TODO: check
+CVE-2026-11217 (Inappropriate implementation in Fenced Frames in Google Chrome
prior t ...)
+ TODO: check
+CVE-2026-11216 (Incorrect security UI in File Input in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11215 (Inappropriate implementation in Cronet in Google Chrome on
Android pri ...)
+ TODO: check
+CVE-2026-11214 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ TODO: check
+CVE-2026-11213 (Insufficient validation of untrusted input in Reading Mode in
Google C ...)
+ TODO: check
+CVE-2026-11212 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11211 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-11210 (Inappropriate implementation in Safe Browsing in Google Chrome
prior t ...)
+ TODO: check
+CVE-2026-11209 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11208 (Use after free in Codecs in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11207 (Insufficient validation of untrusted input in Autofill in
Google Chrom ...)
+ TODO: check
+CVE-2026-11206 (Insufficient policy enforcement in ServiceWorker in Google
Chrome prio ...)
+ TODO: check
+CVE-2026-11205 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
+ TODO: check
+CVE-2026-11204 (Inappropriate implementation in Signin in Google Chrome on iOS
prior t ...)
+ TODO: check
+CVE-2026-11203 (Inappropriate implementation in GPU in Google Chrome on Mac
prior to 1 ...)
+ TODO: check
+CVE-2026-11202 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
+ TODO: check
+CVE-2026-11201 (Use after free in ServiceWorker in Google Chrome prior to
149.0.7827.5 ...)
+ TODO: check
+CVE-2026-11200 (Inappropriate implementation in WebRTC in Google Chrome prior
to 149.0 ...)
+ TODO: check
+CVE-2026-11199 (Inappropriate implementation in WebRTC in Google Chrome prior
to 149.0 ...)
+ TODO: check
+CVE-2026-11198 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ TODO: check
+CVE-2026-11197 (Insufficient policy enforcement in Workers in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11196 (Type Confusion in XML in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-11195 (Inappropriate implementation in MHTML in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11194 (Inappropriate implementation in Network in Google Chrome prior
to 149. ...)
+ TODO: check
+CVE-2026-11193 (Insufficient policy enforcement in Password Manager in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11192 (Insufficient validation of untrusted input in Password Manager
in Goog ...)
+ TODO: check
+CVE-2026-11191 (Out of bounds memory access in ANGLE in Google Chrome prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11190 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11189 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ TODO: check
+CVE-2026-11188 (Use after free in USB in Google Chrome on Android prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-11187 (Inappropriate implementation in Glic in Google Chrome prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11186 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11185 (Use after free in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ TODO: check
+CVE-2026-11184 (Insufficient policy enforcement in Actor in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11183 (Out of bounds read in GWP-ASan in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-11182 (Inappropriate implementation in SVG in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11181 (Inappropriate implementation in Media Session in Google Chrome
prior t ...)
+ TODO: check
+CVE-2026-11180 (Inappropriate implementation in SVG in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11179 (Inappropriate implementation in ORB in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11178 (Insufficient policy enforcement in WebView in Google Chrome on
Android ...)
+ TODO: check
+CVE-2026-11177 (Use after free in Omnibox in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11176 (Inappropriate implementation in Media in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11175 (Incorrect security UI in Messages in Google Chrome on Android
prior to ...)
+ TODO: check
+CVE-2026-11174 (Inappropriate implementation in Site Isolation in Google
Chrome prior ...)
+ TODO: check
+CVE-2026-11173 (Out of bounds write in V8 in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11172 (Incorrect security UI in Contact Picker in Google Chrome on
Android pr ...)
+ TODO: check
+CVE-2026-11171 (Integer overflow in Blink in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11170 (Inappropriate implementation in Chromoting in Google Chrome on
Linux p ...)
+ TODO: check
+CVE-2026-11169 (Inappropriate implementation in XML in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11168 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11167 (Inappropriate implementation in WebView in Google Chrome on
Android pr ...)
+ TODO: check
+CVE-2026-11166 (Inappropriate implementation in SVG in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11165 (Use after free in WebMIDI in Google Chrome on iOS prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-11164 (Use after free in Blink in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11163 (Use after free in Messages in Google Chrome on Android prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11162 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11161 (Inappropriate implementation in DataTransfer in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11160 (Out of bounds read in Input in Google Chrome on Linux prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11159 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11158 (Insufficient validation of untrusted input in Downloads in
Google Chro ...)
+ TODO: check
+CVE-2026-11157 (Script injection in Accessibility in Google Chrome prior to
149.0.7827 ...)
+ TODO: check
+CVE-2026-11156 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11155 (Inappropriate implementation in CSS in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11154 (Use after free in Dawn in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-11153 (Side-channel information leakage in Forms in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11152 (Object lifecycle issue in Dawn in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-11151 (Insufficient validation of untrusted input in Password Manager
in Goog ...)
+ TODO: check
+CVE-2026-11150 (Inappropriate implementation in XML in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11149 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
+ TODO: check
+CVE-2026-11148 (Inappropriate implementation in Payments in Google Chrome on
Android p ...)
+ TODO: check
+CVE-2026-11147 (Use after free in WebML in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-11146 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
+ TODO: check
+CVE-2026-11145 (Race in Geolocation in Google Chrome on Android prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-11144 (Use after free in Media in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11143 (Out of bounds read in Extensions in Google Chrome on Linux
prior to 14 ...)
+ TODO: check
+CVE-2026-11142 (Insufficient policy enforcement in Paint in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11141 (Uninitialized Use in Audio in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11140 (Out of bounds read in Chromecast in Google Chrome prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-11139 (Inappropriate implementation in Paint in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11138 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11137 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11136 (Use after free in Canvas in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11135 (Insufficient policy enforcement in Autofill in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11134 (Inappropriate implementation in Media in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11133 (Insufficient policy enforcement in Paint in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11132 (Insufficient policy enforcement in Paint in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11131 (Use after free in Autofill in Google Chrome on Android prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11130 (Use after free in Media in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11129 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11128 (Inappropriate implementation in Web Share in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11127 (Inappropriate implementation in WebAPKs in Google Chrome on
Android pr ...)
+ TODO: check
+CVE-2026-11126 (Inappropriate implementation in DevTools in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11125 (Use after free in Compositing in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-11124 (Integer overflow in Skia in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11123 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11122 (Inappropriate implementation in Keyboard in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11121 (Insufficient validation of untrusted input in Skia in Google
Chrome pr ...)
+ TODO: check
+CVE-2026-11120 (Insufficient validation of untrusted input in Enterprise
Reporting in ...)
+ TODO: check
+CVE-2026-11119 (Inappropriate implementation in GPU in Google Chrome on
Android prior ...)
+ TODO: check
+CVE-2026-11118 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11117 (Use after free in Views in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-11116 (Use after free in Chromoting in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-11115 (Use after free in Updater in Google Chrome on Windows prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11114 (Use after free in Device Trust in Google Chrome on Mac prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11113 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11112 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
+ TODO: check
+CVE-2026-11111 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ TODO: check
+CVE-2026-11110 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11109 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11108 (Inappropriate implementation in NFC in Google Chrome on
Android prior ...)
+ TODO: check
+CVE-2026-11107 (Inappropriate implementation in Downloads in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-11106 (Inappropriate implementation in Media in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11105 (Insufficient validation of untrusted input in WebUI in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11104 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11103 (Inappropriate implementation in Installer in Google Chrome on
Windows ...)
+ TODO: check
+CVE-2026-11102 (Inappropriate implementation in Isolated Web Apps in Google
Chrome pri ...)
+ TODO: check
+CVE-2026-11101 (Uninitialized Use in Dawn in Google Chrome on Windows prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11100 (Use after free in File Input in Google Chrome on Mac prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11098 (Insufficient validation of untrusted input in GPU in Google
Chrome pri ...)
+ TODO: check
+CVE-2026-11097 (Inappropriate implementation in WebView in Google Chrome on
Android pr ...)
+ TODO: check
+CVE-2026-11096 (Out of bounds read in WebRTC in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-11095 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ TODO: check
+CVE-2026-11094 (Use after free in Codecs in Google Chrome on Windows prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11093 (Inappropriate implementation in Printing in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11092 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11091 (Inappropriate implementation in Dawn in Google Chrome prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11090 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11089 (Uninitialized Use in Media in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11088 (Integer overflow in ANGLE in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11087 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11086 (Inappropriate implementation in Dawn in Google Chrome prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11085 (Integer overflow in GPU in Google Chrome on Android prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-11084 (Inappropriate implementation in Password Manager in Google
Chrome prio ...)
+ TODO: check
+CVE-2026-11083 (Inappropriate implementation in Password Manager in Google
Chrome prio ...)
+ TODO: check
+CVE-2026-11082 (Race in GPU in Google Chrome on Android prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-11081 (Inappropriate implementation in Canvas in Google Chrome prior
to 149.0 ...)
+ TODO: check
+CVE-2026-11080 (Use after free in WebView in Google Chrome on Android prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11079 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ TODO: check
+CVE-2026-11078 (Inappropriate implementation in FileSystem in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11077 (Bad cast in Dawn in Google Chrome prior to 149.0.7827.53
allowed a rem ...)
+ TODO: check
+CVE-2026-11076 (Type Confusion in CSS in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-11075 (Out of bounds read in V8 in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11074 (Use after free in WebRTC in Google Chrome on Linux prior to
149.0.7827 ...)
+ TODO: check
+CVE-2026-11073 (Use after free in WebGL in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11072 (Use after free in WebView in Google Chrome on Android prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11071 (Use after free in Base in Google Chrome on Linux prior to
149.0.7827.5 ...)
+ TODO: check
+CVE-2026-11070 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
+ TODO: check
+CVE-2026-11069 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
+ TODO: check
+CVE-2026-11068 (Use after free in WebSockets in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-11067 (Uninitialized Use in Dawn in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11066 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11065 (Use after free in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11064 (Race in GPU in Google Chrome on Android prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-11063 (Insufficient validation of untrusted input in WebNN in Google
Chrome o ...)
+ TODO: check
+CVE-2026-11062 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ TODO: check
+CVE-2026-11061 (Type Confusion in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11060 (Use after free in Media in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-11059 (Use after free in Blink in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11058 (Integer overflow in CredentialProvider in Google Chrome on
Windows pri ...)
+ TODO: check
+CVE-2026-11057 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11056 (Insufficient validation of untrusted input in SiteIsolation in
Google ...)
+ TODO: check
+CVE-2026-11055 (Use after free in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-11054 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11052 (Type Confusion in GPU in Google Chrome on Windows prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-11051 (Out of bounds read in ANGLE in Google Chrome on Linux prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-11050 (Use after free in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ TODO: check
+CVE-2026-11049 (Use after free in Password Manager in Google Chrome prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-11048 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11047 (Inappropriate implementation in Base in Google Chrome on
Windows prior ...)
+ TODO: check
+CVE-2026-11046 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11045 (Insufficient validation of untrusted input in GPU in Google
Chrome pri ...)
+ TODO: check
+CVE-2026-11044 (Integer overflow in ANGLE in Google Chrome on Mac prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-11043 (Out of bounds write in ANGLE in Google Chrome on Mac prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11042 (Use after free in Views in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11041 (Insufficient validation of untrusted input in Media in Google
Chrome o ...)
+ TODO: check
+CVE-2026-11040 (Use after free in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-11039 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11038 (Insufficient policy enforcement in Subresource Integrity in
Google Chr ...)
+ TODO: check
+CVE-2026-11037 (Out of bounds write in Codecs in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-11036 (Inappropriate implementation in DOM in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11035 (Inappropriate implementation in Custom Tabs in Google Chrome
on Androi ...)
+ TODO: check
+CVE-2026-11034 (Insufficient validation of untrusted input in Tab Group Sync
in Google ...)
+ TODO: check
+CVE-2026-11033 (Uninitialized Use in WebML in Google Chrome on Mac prior to
149.0.7827 ...)
+ TODO: check
+CVE-2026-11032 (Inappropriate implementation in Password Manager in Google
Chrome prio ...)
+ TODO: check
+CVE-2026-11031 (Insufficient validation of untrusted input in Password Manager
in Goog ...)
+ TODO: check
+CVE-2026-11030 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-11029 (Insufficient validation of untrusted input in Drag and Drop in
Google ...)
+ TODO: check
+CVE-2026-11028 (Use after free in Media in Google Chrome on Linux and ChromeOS
prior t ...)
+ TODO: check
+CVE-2026-11027 (Insufficient validation of untrusted input in Glic in Google
Chrome pr ...)
+ TODO: check
+CVE-2026-11026 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11025 (Insufficient policy enforcement in Navigation in Google Chrome
on Andr ...)
+ TODO: check
+CVE-2026-11024 (Stack buffer overflow in Skia in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-11023 (Inappropriate implementation in WebAppInstalls in Google
Chrome prior ...)
+ TODO: check
+CVE-2026-11022 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ TODO: check
+CVE-2026-11021 (Insufficient validation of untrusted input in GPU in Google
Chrome on ...)
+ TODO: check
+CVE-2026-11020 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
+ TODO: check
+CVE-2026-11019 (Inappropriate implementation in Payments in Google Chrome on
Android p ...)
+ TODO: check
+CVE-2026-11018 (Insufficient policy enforcement in Actor in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11017 (Inappropriate implementation in Link Preview in Google Chrome
prior to ...)
+ TODO: check
+CVE-2026-11016 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
+ TODO: check
+CVE-2026-11015 (Out of bounds read in WebGPU in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-11014 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ TODO: check
+CVE-2026-11013 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
+ TODO: check
+CVE-2026-11012 (Use after free in Serial in Google Chrome on Android prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-11011 (Insufficient policy enforcement in Password Manager in Google
Chrome p ...)
+ TODO: check
+CVE-2026-11010 (Use after free in WebShare in Google Chrome on Android prior
to 149.0. ...)
+ TODO: check
+CVE-2026-11009 (Use after free in USB in Google Chrome on Windows prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-11008 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
+ TODO: check
+CVE-2026-11007 (Insufficient validation of untrusted input in WebView in
Google Chrome ...)
+ TODO: check
+CVE-2026-11006 (Out of bounds read in Dawn in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11005 (Out of bounds read in ANGLE in Google Chrome on Windows prior
to 149.0 ...)
+ TODO: check
+CVE-2026-11004 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ TODO: check
+CVE-2026-11003 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-11002 (Use after free in Autofill in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-11001 (Inappropriate implementation in Payments in Google Chrome
prior to 149 ...)
+ TODO: check
+CVE-2026-11000 (Use after free in Fonts in Google Chrome on Linux prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-10999 (Integer overflow in ANGLE in Google Chrome on Windows prior to
149.0.7 ...)
+ TODO: check
+CVE-2026-10998 (Out of bounds read in Media in Google Chrome prior to
149.0.7827.53 al ...)
+ TODO: check
+CVE-2026-10997 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
+ TODO: check
+CVE-2026-10996 (Inappropriate implementation in Workers in Google Chrome prior
to 149. ...)
+ TODO: check
+CVE-2026-10995 (Heap buffer overflow in TabStrip in Google Chrome prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-10994 (Uninitialized Use in ANGLE in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-10993 (Heap buffer overflow in Skia in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10992 (Insufficient data validation in Animation in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-10991 (Use after free in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ TODO: check
+CVE-2026-10990 (Use after free in Glic in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10989 (Inappropriate implementation in V8 in Google Chrome prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10988 (Use after free in Views in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10987 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10986 (Integer overflow in Media in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-10985 (Out of bounds read in Skia in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-10984 (Inappropriate implementation in Accessibility in Google Chrome
on Andr ...)
+ TODO: check
+CVE-2026-10983 (Insufficient validation of untrusted input in Dawn in Google
Chrome pr ...)
+ TODO: check
+CVE-2026-10982 (Use after free in WebXR in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10981 (Insufficient validation of untrusted input in Codecs in Google
Chrome ...)
+ TODO: check
+CVE-2026-10980 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ TODO: check
+CVE-2026-10979 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ TODO: check
+CVE-2026-10978 (Use after free in Chromoting in Google Chrome on Windows prior
to 149. ...)
+ TODO: check
+CVE-2026-10977 (Uninitialized Use in Skia in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-10976 (Uninitialized Use in Dawn in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-10975 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-10974 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
+ TODO: check
+CVE-2026-10973 (Uninitialized Use in Dawn in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-10972 (Use after free in Ozone in Google Chrome on Linux prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-10971 (Insufficient validation of untrusted input in Printing in
Google Chrom ...)
+ TODO: check
+CVE-2026-10970 (Insufficient validation of untrusted input in InterestGroups
in Google ...)
+ TODO: check
+CVE-2026-10969 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
+ TODO: check
+CVE-2026-10968 (Insufficient validation of untrusted input in Dawn in Google
Chrome on ...)
+ TODO: check
+CVE-2026-10967 (Use after free in SurfaceCapture in Google Chrome on Android
prior to ...)
+ TODO: check
+CVE-2026-10966 (Inappropriate implementation in Codecs in Google Chrome prior
to 149.0 ...)
+ TODO: check
+CVE-2026-10965 (Integer overflow in DevTools in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10964 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10963 (Integer overflow in V8 in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10962 (Type Confusion in Media in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10961 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ TODO: check
+CVE-2026-10960 (Uninitialized Use in Codecs in Google Chrome prior to
149.0.7827.53 al ...)
+ TODO: check
+CVE-2026-10959 (Use after free in Input in Google Chrome on Android prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10958 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ TODO: check
+CVE-2026-10957 (Use after free in Glic in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10956 (Use after free in MimeHandlerView in Google Chrome prior to
149.0.7827 ...)
+ TODO: check
+CVE-2026-10955 (Type Confusion in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10954 (Use after free in Actor in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10953 (Use after free in Core in Google Chrome on Android prior to
149.0.7827 ...)
+ TODO: check
+CVE-2026-10952 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ TODO: check
+CVE-2026-10951 (Use after free in Autofill in Google Chrome on iOS prior to
149.0.7827 ...)
+ TODO: check
+CVE-2026-10950 (Insufficient policy enforcement in Autofill in Google Chrome
on iOS pr ...)
+ TODO: check
+CVE-2026-10949 (Heap buffer overflow in Video in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-10948 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-10947 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-10946 (Heap buffer overflow in Media in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-10945 (Use after free in PDF in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10944 (Insufficient policy enforcement in Autofill in Google Chrome
on iOS pr ...)
+ TODO: check
+CVE-2026-10943 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-10942 (Inappropriate implementation in UI in Google Chrome on Windows
prior t ...)
+ TODO: check
+CVE-2026-10941 (Out of bounds memory access in Skia in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-10940 (Race in Codecs in Google Chrome on Windows prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-10939 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-10938 (Inappropriate implementation in Input in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-10937 (Inappropriate implementation in Passwords in Google Chrome
prior to 14 ...)
+ TODO: check
+CVE-2026-10936 (Type Confusion in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ TODO: check
+CVE-2026-10935 (Type Confusion in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ TODO: check
+CVE-2026-10934 (Use after free in Autofill in Google Chrome on Android prior
to 149.0. ...)
+ TODO: check
+CVE-2026-10933 (Use after free in Audio in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10932 (Use after free in UI in Google Chrome on Android prior to
149.0.7827.5 ...)
+ TODO: check
+CVE-2026-10931 (Use after free in FileSystem in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10930 (Out of bounds read in ANGLE in Google Chrome on Mac prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10929 (Heap buffer overflow in ANGLE in Google Chrome on Android
prior to 149 ...)
+ TODO: check
+CVE-2026-10928 (Script injection in Headless in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10927 (Out of bounds read in Dawn in Google Chrome prior to
149.0.7827.53 all ...)
+ TODO: check
+CVE-2026-10926 (Use after free in Cast in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10925 (Out of bounds write in Skia in Google Chrome on Mac prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10924 (Integer overflow in Chromecast in Google Chrome prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-10923 (Use after free in WebAppInstalls in Google Chrome on Android
prior to ...)
+ TODO: check
+CVE-2026-10922 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ TODO: check
+CVE-2026-10921 (Integer overflow in Dawn in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-10920 (Insufficient validation of untrusted input in WebShare in
Google Chrom ...)
+ TODO: check
+CVE-2026-10919 (Use after free in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10918 (Use after free in Viz in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10917 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ TODO: check
+CVE-2026-10916 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
+ TODO: check
+CVE-2026-10915 (Use after free in Core in Google Chrome on iOS prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-10914 (Use after free in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10913 (Use after free in ANGLE in Google Chrome on Windows prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10912 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
+ TODO: check
+CVE-2026-10911 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
+ TODO: check
+CVE-2026-10910 (Type Confusion in V8 in Google Chrome prior to 149.0.7827.53
allowed a ...)
+ TODO: check
+CVE-2026-10909 (Use after free in Dawn in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10908 (Use after free in FullScreen in Google Chrome on Windows prior
to 149. ...)
+ TODO: check
+CVE-2026-10907 (Out of bounds write in ANGLE in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10906 (Use after free in WebAuthentication in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-10905 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-10904 (Inappropriate implementation in V8 in Google Chrome prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10903 (Use after free in WebRTC in Google Chrome prior to
149.0.7827.53 allow ...)
+ TODO: check
+CVE-2026-10902 (Use after free in Ozone in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10901 (Use after free in Passwords in Google Chrome on Mac prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10900 (Use after free in Passwords in Google Chrome on Mac prior to
149.0.782 ...)
+ TODO: check
+CVE-2026-10899 (Use after free in Ozone in Google Chrome on Linux prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-10898 (Stack buffer overflow in GPU in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10897 (Inappropriate implementation in GPU in Google Chrome prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-10896 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ TODO: check
+CVE-2026-10895 (Use after free in Ozone in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10894 (Use after free in Printing in Google Chrome on Linux prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-10893 (Use after free in Chromoting in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10892 (Out of bounds write in GPU in Google Chrome on Android prior
to 149.0. ...)
+ TODO: check
+CVE-2026-10891 (Use after free in GFX in Google Chrome on Linux prior to
149.0.7827.53 ...)
+ TODO: check
+CVE-2026-10890 (Use after free in Cast in Google Chrome prior to 149.0.7827.53
allowed ...)
+ TODO: check
+CVE-2026-10889 (Out of bounds read in ANGLE in Google Chrome prior to
149.0.7827.53 al ...)
+ TODO: check
+CVE-2026-10888 (Use after free in Cast Streaming in Google Chrome prior to
149.0.7827. ...)
+ TODO: check
+CVE-2026-10887 (Use after free in Chromoting in Google Chrome on Mac prior to
149.0.78 ...)
+ TODO: check
+CVE-2026-10886 (Use after free in FileSystem in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10885 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 149. ...)
+ TODO: check
+CVE-2026-10884 (Use after free in Chromecast in Google Chrome prior to
149.0.7827.53 a ...)
+ TODO: check
+CVE-2026-10883 (Type Confusion in ANGLE in Google Chrome prior to
149.0.7827.53 allowe ...)
+ TODO: check
+CVE-2026-10882 (Use after free in Network in Google Chrome prior to
149.0.7827.53 allo ...)
+ TODO: check
+CVE-2026-10881 (Out of bounds read and write in ANGLE in Google Chrome prior
to 149.0. ...)
+ TODO: check
+CVE-2026-10879 (DBI versions before 1.648 for Perl have a heap overflow when
preparsin ...)
+ TODO: check
+CVE-2026-10878 (A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70.
Affecte ...)
+ TODO: check
+CVE-2026-10877 (A security vulnerability has been detected in SourceCodester
Ship Ferr ...)
+ TODO: check
+CVE-2026-10876 (A weakness has been identified in SourceCodester Ship Ferry
Ticket Res ...)
+ TODO: check
+CVE-2026-10875 (A security flaw has been discovered in projectworlds Online
Art Galler ...)
+ TODO: check
+CVE-2026-10874 (A vulnerability was identified in projectworlds Online Art
Gallery Sho ...)
+ TODO: check
+CVE-2026-10873 (A vulnerability was determined in Shibby Tomato 1.28.0000.
Impacted is ...)
+ TODO: check
+CVE-2026-10872 (A vulnerability was found in Shibby Tomato 1.28.0000. This
issue affec ...)
+ TODO: check
+CVE-2026-10871 (A vulnerability has been found in Shibby Tomato 1.28.0000.
This vulner ...)
+ TODO: check
+CVE-2026-10870 (A flaw has been found in Shibby Tomato 1.28.0000. This affects
the fun ...)
+ TODO: check
+CVE-2026-10732 (All versions of the package decompress are vulnerable to
Arbitrary Fil ...)
+ TODO: check
+CVE-2026-10586 (The Gutenberg Essential Blocks \u2013 Page Builder for
Gutenberg Block ...)
+ TODO: check
+CVE-2026-10580 (The Hippoo Mobile App for WooCommerce plugin for WordPress is
vulnerab ...)
+ TODO: check
+CVE-2025-8873 (On affected platforms running Arista EOS with IPsec configured,
a spec ...)
+ TODO: check
+CVE-2025-71318 (NetMan 204 fails to enforce authentication on its
administrative pages ...)
+ TODO: check
+CVE-2025-71317 (NetMan 204 contains a hard-coded backdoor account with the
username an ...)
+ TODO: check
+CVE-2025-5090 (CVX is not resilient to unexpected messages from a connected
switch. T ...)
+ TODO: check
+CVE-2025-5089 (In a CVX cluster, an EOS switch connected to a CVX server is
not resil ...)
+ TODO: check
+CVE-2025-5088 (An authenticated Redis session could be used to obtain full
root acces ...)
+ TODO: check
+CVE-2025-59174 (Ericsson Packet Core Controller (PCC) versions prior to 1.39
contain a ...)
+ TODO: check
+CVE-2024-6858 (In Arista\u2019s EOS when in 802.1X mode, multi-auth
unauthenticated h ...)
+ TODO: check
+CVE-2024-27892 (Affected platforms running Arista EOS with OpenConfig
configured, a gN ...)
+ TODO: check
+CVE-2024-27891 (On affected platforms running Arista EOS with MACsec and
egress ACLs c ...)
+ TODO: check
+CVE-2024-27890 (Affected platforms running Arista EOS with OpenConfig
configured, a gN ...)
+ TODO: check
+CVE-2023-5502 (On affected platforms running Arista EOS with 802.1x
authentication co ...)
+ TODO: check
+CVE-2026-50593 (Graphite before 1.3.15 has an integer underflow and resultant
out-of-b ...)
- graphite2 1.3.15-2
NOTE: Fixed by:
https://github.com/silnrsi/graphite/commit/ad78c6b7319909e1540c1b134e115ced03417866
(1.3.15)
CVE-2026-49837
@@ -313,7 +1437,7 @@ CVE-2025-67446 (Improper Authentication (Authentication
Bypass) exists in Neterb
TODO: check
CVE-2025-65640 (Cross Site Scripting (XSS) vulnerability in the "Task in
Progress / Re ...)
TODO: check
-CVE-2025-62338 (The HCL BigFix Cloud Lifecycle Management is affected by Lack
Of Input ...)
+CVE-2025-62338 (HCL BigFix Cloud Lifecycle Management is affected by lack of
input val ...)
NOT-FOR-US: HCL
CVE-2025-59874 (HCL Hive Telco Observability is affected by a Required
directives miss ...)
NOT-FOR-US: HCL
@@ -651,7 +1775,7 @@ CVE-2026-XXXX [Horizon RC file generation does not escape
special characters in
- horizon <unfixed> (bug #1138845)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0097
NOTE: https://launchpad.net/bugs/2152240
-CVE-2026-50266 [Neutron port RBAC policy bypass allows project managers to set
trusted device owners on shared networks]
+CVE-2026-50266 (In OpenStack Neutron before 28.0.1, a project manager can
create or up ...)
- neutron 2:28.0.0-7 (bug #1138844)
[bookworm] - neutron <not-affected> (Vulnerable code not present)
[bullseye] - neutron <not-affected> (Vulnerable code not present)
@@ -1664,63 +2788,63 @@ CVE-2018-25428 (Paroiciel 11.20 contains an SQL
injection vulnerability that all
NOT-FOR-US: Paroiciel
CVE-2018-25427 (Arm Whois 3.11 contains a stack-based buffer overflow
vulnerability th ...)
NOT-FOR-US: Arm whois
-CVE-2026-50256 [Font Alias Stack-based Buffer Overflow]
+CVE-2026-50256 (A stack-based buffer overflow flaw was found in the X.Org X
server and ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/bb5158f962dc935e58ef8b4b5fcb31be201a6e07
-CVE-2026-50257 [XSYNC Use-After-Free in miSyncDestroyFence()]
+CVE-2026-50257 (A use-after-free flaw was found in the X.Org X server and
Xwayland in ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b
-CVE-2026-50258 [XKB Key Types Stack-based Buffer Overflow]
+CVE-2026-50258 (A stack-based buffer overflow flaw was found in the X.Org X
server and ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/543e108516428fc8c3bea91d6563ad266f9a801e
-CVE-2026-50259 [XKB SetMap Request Stack-based Buffer Overflow]
+CVE-2026-50259 (A stack-based buffer overflow flaw was found in the X.Org X
server and ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/867b59b33bee669cb412f1314e47c52eacf6e00b
-CVE-2026-50260 [XSYNC Use-After-Free in FreeCounter()]
+CVE-2026-50260 (A use-after-free flaw was found in the X.Org X server and
Xwayland in ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b
-CVE-2026-50261 [XSYNC Use-After-Free in SyncChangeCounter()]
+CVE-2026-50261 (A use-after-free flaw was found in the X.Org X server and
Xwayland in ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/bdd7bf57af208b1ddf57d4683d67104443b44812
-CVE-2026-50262 [GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write]
+CVE-2026-50262 (An out-of-bounds read flaw was found in the X.Org X server and
Xwaylan ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/6d459e4daf715bea8abdafa8fb130be2f8a1d145
-CVE-2026-50263 [CreateSaverWindow Use-After-Free Information Disclosure]
+CVE-2026-50263 (A use-after-free flaw was found in the X.Org X server and
Xwayland in ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/ecc634f1b2f7aa473d3a267eada98c4918bf9e05
-CVE-2026-50264 [DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write]
+CVE-2026-50264 (An out-of-bounds write flaw was found in the X.Org X server
and Xwayla ...)
- xorg-server 2:21.1.23-1 (bug #1138680)
- xwayland 2:24.1.12-1 (bug #1138703)
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be
running as root)
@@ -3115,17 +4239,17 @@ CVE-2018-25383 (Free MP3 CD Ripper 2.8 contains a
stack-based buffer overflow vu
CVE-2018-25382 (Zechat 1.5 contains an SQL injection vulnerability that allows
unauthe ...)
NOT-FOR-US: Zechat
CVE-2026-48840 (Exim 4.88 before 4.99.4, in some proxy configurations,
mishandles cert ...)
- {DSA-6309-1}
+ {DSA-6309-1 DLA-4615-1}
- exim4 4.99.3-2
NOTE: https://www.openwall.com/lists/oss-security/2026/05/29/3
NOTE:
https://www.exim.org/static/doc/security/EXIM-Security-2026-05-19.1/EXIM-Security-2026-05-19.1.txt
NOTE: Fixed by:
https://code.exim.org/exim/exim/commit/aae0c4c3fba1f7e50971ba250ddbbedb583d48a6
(exim-4.99.4)
-CVE-2026-50591 [ZSA-2026-11]
+CVE-2026-50591 (In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can
occur via s ...)
- znuny 6.5.21-1
[trixie] - znuny <no-dsa> (Non-free not supported)
[bookworm] - znuny <no-dsa> (Non-free not supported)
NOTE: https://www.znuny.org/en/advisories/zsa-2026-11
-CVE-2026-50592 [ZSA-2026-10]
+CVE-2026-50592 (In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is
reflected ...)
- znuny 6.5.21-1
[trixie] - znuny <no-dsa> (Non-free not supported)
[bookworm] - znuny <no-dsa> (Non-free not supported)
@@ -5213,7 +6337,7 @@ CVE-2026-2374 (The Login No Captcha reCAPTCHA plugin for
WordPress is vulnerable
NOT-FOR-US: WordPress plugin
CVE-2026-21785 (A misconfigured Content Security Policy (CSP) in HCL BigFix
Remote Con ...)
NOT-FOR-US: HCL
-CVE-2026-48112
+CVE-2026-48112 (7-Zip is a file archiver with a high compression ratio.
Versions 9.18 ...)
- 7zip 26.01+dfsg-1
[trixie] - 7zip <no-dsa> (Minor issue)
[bookworm] - 7zip <no-dsa> (Minor issue)
@@ -5221,49 +6345,49 @@ CVE-2026-48112
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
NOTE: depending on 7zip. Mark this version as fixed version.
NOTE:
https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
-CVE-2026-48111 [UEFI DEPEX OOB Read]
+CVE-2026-48111 (7-Zip is a file archiver with a high compression ratio.
Versions 9.21 ...)
- 7zip 26.01+dfsg-1 (unimportant)
- p7zip 16.02+transitional.1 (unimportant)
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
NOTE: depending on 7zip. Mark this version as fixed version.
NOTE:
https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
NOTE: Crash in CLI tool, no security impact
-CVE-2026-48104 [SquashFS BlockToNode uninitialized heap read]
+CVE-2026-48104 (7-Zip is a file archiver with a high compression ratio.
Versions 9.18 ...)
- 7zip 26.01+dfsg-1 (unimportant)
- p7zip 16.02+transitional.1 (unimportant)
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
NOTE: depending on 7zip. Mark this version as fixed version.
NOTE:
https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
NOTE: Crash in CLI tool, no security impact
-CVE-2026-48103 [WIM SecurityId OOB read]
+CVE-2026-48103 (7-Zip is a file archiver with a high compression ratio.
Versions 9.34 ...)
- 7zip 26.01+dfsg-1 (unimportant)
- p7zip 16.02+transitional.1 (unimportant)
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
NOTE: depending on 7zip. Mark this version as fixed version.
NOTE:
https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
NOTE: Crash in CLI tool, no security impact
-CVE-2026-48102 [UDF Field OOB Read]
+CVE-2026-48102 (7-Zip is a file archiver with a high compression ratio.
Versions 9.11 ...)
- 7zip 26.01+dfsg-1 (unimportant)
- p7zip 16.02+transitional.1 (unimportant)
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
NOTE: depending on 7zip. Mark this version as fixed version.
NOTE:
https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
NOTE: Crash in CLI tool, no security impact
-CVE-2026-48101 [UEFI Capsule uninitialized heap memory disclosure]
+CVE-2026-48101 (7-Zip is a file archiver with a high compression ratio.
Versions 9.21 ...)
- 7zip 26.01+dfsg-1 (unimportant)
- p7zip 16.02+transitional.1 (unimportant)
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
NOTE: depending on 7zip. Mark this version as fixed version.
NOTE:
https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
NOTE: Crash in CLI tool, no security impact
-CVE-2026-48092 [SquashFS Fragment Offset Overflow]
+CVE-2026-48092 (7-Zip is a file archiver with a high compression ratio.
Versions 9.34 ...)
- 7zip 26.01+dfsg-1 (unimportant)
- p7zip 16.02+transitional.1 (unimportant)
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
NOTE: depending on 7zip. Mark this version as fixed version.
NOTE:
https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/
NOTE: Crash in CLI tool, no security impact
-CVE-2026-48095
+CVE-2026-48095 (7-Zip is a file archiver with a high compression ratio.
Versions 26.00 ...)
- 7zip 26.01+dfsg-1
- p7zip 16.02+transitional.1
NOTE: Since p7zip/16.02+transitional.1 src:p7zip is only a empty source
package
@@ -7868,7 +8992,7 @@ CVE-2026-7374 (A flaw was found in KubeVirt's
virt-handler component. This vulne
NOT-FOR-US: KubeVirt
CVE-2026-7310 (A heap-based buffer overflow vulnerability exists in XML parser
functi ...)
NOT-FOR-US: Hitachi Energy
-CVE-2026-7251 (Eppendorf BioFlo 320is vulnerable to due to VNC server using a
hard-co ...)
+CVE-2026-7251 (Eppendorf BioFlo 320is vulnerable due to VNC server using a
hard-coded ...)
NOT-FOR-US: Eppendorf
CVE-2026-4051 (IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0
could all ...)
NOT-FOR-US: IBM
@@ -9687,17 +10811,17 @@ CVE-2026-47243
NOT-FOR-US: Kata Containers
CVE-2026-45250 (The setcred(2) system call is only available to privileged
users. How ...)
NOT-FOR-US: FreeBSD
-CVE-2026-42547
+CVE-2026-42547 (IRIS is a web collaborative platform that helps incident
responders sh ...)
NOT-FOR-US: DFIR-IRIS
-CVE-2026-42543
+CVE-2026-42543 (IRIS is a web collaborative platform that helps incident
responders sh ...)
NOT-FOR-US: DFIR-IRIS
-CVE-2026-42540
+CVE-2026-42540 (IRIS is a web collaborative platform that helps incident
responders sh ...)
NOT-FOR-US: DFIR-IRIS
-CVE-2026-42539
+CVE-2026-42539 (IRIS is a web collaborative platform that helps incident
responders sh ...)
NOT-FOR-US: DFIR-IRIS
-CVE-2026-42538
+CVE-2026-42538 (IRIS is a web collaborative platform that helps incident
responders sh ...)
NOT-FOR-US: DFIR-IRIS
-CVE-2026-42329
+CVE-2026-42329 (Iris is a web collaborative platform that helps incident
responders sh ...)
NOT-FOR-US: DFIR-IRIS
CVE-2026-42326
{DSA-6310-1 DSA-6298-1 DLA-4609-1}
@@ -11169,7 +12293,7 @@ CVE-2026-50052 (In Vinyl Cache before 9.0.1 and Varnish
Cache before 9.0.3, a de
NOTE:
https://code.vinyl-cache.org/vinyl-cache/vinyl-cache/commit/dfc27fb4e7bf110945f5c145ce95b8de14ead77f
(master)
NOTE:
https://code.vinyl-cache.org/vinyl-cache/vinyl-cache/commit/037031d429e3d309ae66ebabff33aa591402f20e
(6.0)
CVE-2026-41054 (In `src/havegecmd.c`, the `socket_handler` function performs a
credent ...)
- {DSA-6292-1}
+ {DSA-6292-1 DLA-4616-1}
- haveged 1.9.21-1 (bug #1137096)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1264086
NOTE: Introduced with:
https://github.com/jirka-h/haveged/commit/a2496c5de9af7e3ac3ef82a2257d14d8a0ac37fb
(1.9.3)
@@ -14024,7 +15148,7 @@ CVE-2026-43480 (In the Linux kernel, the following
vulnerability has been resolv
[bookworm] - linux 6.1.170-1
NOTE:
https://git.kernel.org/linus/53f3a900e9a383d47af7253076e19f510c5708d0 (7.0-rc4)
CVE-2026-48829 (In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer
dereference af ...)
- {DSA-6271-1}
+ {DSA-6271-1 DLA-4618-1}
- gsasl 2.2.3-1
NOTE:
https://lists.gnu.org/archive/html/help-gsasl/2026-05/msg00002.html
NOTE: Fixed by:
https://codeberg.org/gsasl/gsasl/commit/da9b5ae2962b014879e4a406c3b38f25aa70e97a
(v2.2.3)
@@ -14759,7 +15883,7 @@ CVE-2026-42048 (Langflow is a tool for building and
deploying AI-powered agents
CVE-2026-42045 (LobeHub is a work-and-lifestyle space to find, build, and
collaborate ...)
NOT-FOR-US: LobeHub
CVE-2026-42006 (An attacker can cause uncontrolled memory usage with excessive
bracing ...)
- {DSA-6313-1}
+ {DSA-6313-1 DLA-4617-1}
- dovecot 1:2.4.4+dfsg1-1 (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
NOTE: Fixed by:
https://github.com/dovecot/core/commit/da1438c76b797f055d4ad7f0eaa17e5e29ca31ee
(2.4.4)
@@ -14920,7 +16044,7 @@ CVE-2026-40357 (Deserialization of untrusted data in
Microsoft Office SharePoint
CVE-2026-40300 (Zulip is an open-source team collaboration tool. Prior to
12.0, With m ...)
- zulip-server <itp> (bug #800052)
CVE-2026-40020 (Attacker can use the IMAP SETACL command to inject the anyone
permissi ...)
- {DSA-6313-1}
+ {DSA-6313-1 DLA-4617-1}
- dovecot 1:2.4.4+dfsg1-1 (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
NOTE: Fixed by:
https://github.com/dovecot/core/commit/b7daa4104ff064c1fb549540cc9d96c2d9e2509c
(2.4.4)
@@ -14944,7 +16068,7 @@ CVE-2026-35438 (Missing authorization in Windows Admin
Center allows an authoriz
NOT-FOR-US: Microsoft
CVE-2026-35436 (Use after free in Microsoft Office allows an authorized
attacker to el ...)
NOT-FOR-US: Microsoft
-CVE-2026-35433 (Heap-based buffer overflow in .NET allows an unauthorized
attacker to ...)
+CVE-2026-35433 (Improper input validation in .NET allows an unauthorized
attacker to e ...)
NOT-FOR-US: Microsoft
CVE-2026-35429 (User interface (ui) misrepresentation of critical information
in Micro ...)
NOT-FOR-US: Microsoft
@@ -15077,7 +16201,7 @@ CVE-2026-33833 (Improper neutralization of special
elements in output used by a
CVE-2026-33821 (Improper privilege management in Microsoft Dynamics 365
Customer Insig ...)
NOT-FOR-US: Microsoft
CVE-2026-33603 (Attacker can use a specially crafted base64 exchange between
Dovecot a ...)
- {DSA-6313-1}
+ {DSA-6313-1 DLA-4617-1}
- dovecot 1:2.4.4+dfsg1-1 (bug #1136444)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/6
NOTE: Fixed by:
https://github.com/dovecot/core/commit/c1c53885bda550632b944dd305013cd010e0e058
(2.4.4)
@@ -15312,7 +16436,7 @@ CVE-2025-35969 (Uncontrolled search path for some
Intel(R) Server Firmware Updat
NOT-FOR-US: Intel
CVE-2025-27723 (Use after free for some Linux kernel driver for the Intel(R)
Ethernet ...)
NOT-FOR-US: Intel
-CVE-2025-12659 (The affected applications contains a memory corruption
vulnerability w ...)
+CVE-2025-12659 (Siemens Simcenter Femapcontains a memory corruption
vulnerability whil ...)
NOT-FOR-US: Siemens
CVE-2024-54017 (A vulnerability has been identified in SIPROTEC 5 6MD84
(CP300) (All v ...)
NOT-FOR-US: Siemens
@@ -89730,17 +90854,17 @@ CVE-2025-67724 (Tornado is a Python web framework and
asynchronous networking li
NOTE: Fixed by:
https://github.com/tornadoweb/tornado/commit/9c163aebeaad9e6e7d28bac1f33580eb00b0e421
(v6.5.3)
CVE-2025-67508 (gardenctl is a command-line client for the Gardener which
configures a ...)
NOT-FOR-US: Gardener
-CVE-2025-66590 (In AzeoTech DAQFactory release 20.7 (Build 2555), an
Out-of-bounds Wri ...)
+CVE-2025-66590 (In AzeoTech DAQFactory release 20.7 (Build 2555), an
out-of-bounds wri ...)
NOT-FOR-US: AzeoTech DAQFactory
CVE-2025-66589 (In AzeoTech DAQFactory release 20.7 (Build 2555), an
Out-of-bounds Rea ...)
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2025-66588 (In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of
Uniniti ...)
+CVE-2025-66588 (In AzeoTech DAQFactory release 20.7 (Build 2555), an access of
uniniti ...)
NOT-FOR-US: AzeoTech DAQFactory
CVE-2025-66587
REJECTED
-CVE-2025-66586 (In AzeoTech DAQFactory release 20.7 (Build 2555), an Access of
Resourc ...)
+CVE-2025-66586 (In AzeoTech DAQFactory release 20.7 (Build 2555), an access of
resourc ...)
NOT-FOR-US: AzeoTech DAQFactory
-CVE-2025-66585 (In AzeoTech DAQFactory release 20.7 (Build 2555), a Use After
Free vul ...)
+CVE-2025-66585 (In AzeoTech DAQFactory release 20.7 (Build 2555), a use after
free vul ...)
NOT-FOR-US: AzeoTech DAQFactory
CVE-2025-66584
REJECTED
@@ -141833,7 +142957,7 @@ CVE-2025-53509 (A vulnerability exists in Advantech
iView that allows for argume
NOT-FOR-US: Advantech
CVE-2025-53475 (A vulnerability exists in Advantech iView that could allow for
SQL in ...)
NOT-FOR-US: Advantech
-CVE-2025-53471 (Emerson ValveLink products receive input or data, but it do
not valid ...)
+CVE-2025-53471 (Emerson ValveLink products receive input or data, but does
not valida ...)
NOT-FOR-US: Emerson
CVE-2025-53397 (A vulnerability exists in Advantech iView versions prior to
5.7.05 bui ...)
NOT-FOR-US: Advantech
@@ -150550,7 +151674,7 @@ CVE-2025-49850 (A Heap-based Buffer Overflow
vulnerability exists within the par
NOT-FOR-US: LS Electric
CVE-2025-49849 (An Out-of-bounds Read vulnerability exists within the parsing
of PRJ f ...)
NOT-FOR-US: LS Electric
-CVE-2025-49848 (An Out-of-bounds Write vulnerability exists within the parsing
of PRJ ...)
+CVE-2025-49848 (An out-of-bounds write vulnerability exists within the parsing
of PRJ ...)
NOT-FOR-US: LS Electric
CVE-2025-49847 (llama.cpp is an inference of several LLM models in C/C++.
Prior to ver ...)
- llama.cpp 5713+dfsg-1 (bug #1108113)
@@ -163617,7 +164741,7 @@ CVE-2025-37799 (In the Linux kernel, the following
vulnerability has been resolv
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/4c2227656d9003f4d77afc76f34dd81b95e4c2c4 (6.15-rc5)
-CVE-2024-58135 (Mojolicious versions from 7.28 for Perl will generate weak
HMAC sessio ...)
+CVE-2024-58135 (Mojolicious versions from 7.28 through 9.45 for Perl will
generate wea ...)
- libmojolicious-perl <unfixed> (bug #1104633)
[trixie] - libmojolicious-perl <no-dsa> (Minor issue)
[bookworm] - libmojolicious-perl <no-dsa> (Minor issue)
@@ -282775,6 +283899,7 @@ CVE-2024-3431 (A vulnerability was found in EyouCMS
1.6.5. It has been declared
CVE-2024-3430 (A vulnerability was found in QKSMS up to 3.9.4 on Android. It
has been ...)
NOT-FOR-US: QKSMS
CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR)
through 9.1, ...)
+ {DSA-6322-1}
- frr 10.0.1-0.1 (bug #1070377)
[bookworm] - frr 8.4.4-1.1~deb12u2
[bullseye] - frr <not-affected> (Vulnerable code not present)
@@ -541011,8 +542136,8 @@ CVE-2020-25902 (Blackboard Collaborate Ultra 20.02 is
affected by a cross-site s
NOT-FOR-US: Blackboard Collaborate Ultra
CVE-2020-25901 (Host Header Injection in Spiceworks 7.5.7.0 allowing the
attacker to r ...)
NOT-FOR-US: Spiceworks
-CVE-2020-25900
- RESERVED
+CVE-2020-25900 (HelloTalk through 3.4.1 stores full-precision GPS coordinates
even whe ...)
+ TODO: check
CVE-2020-25899
RESERVED
CVE-2020-25898
@@ -752608,7 +753733,7 @@ CVE-2017-6036 (A Server-Side Request Forgery issue
was discovered in Belden Hirs
NOT-FOR-US: Belden Hirschmann GECKO Lite Managed switch
CVE-2017-6035 (A Stack-Based Buffer Overflow issue was discovered in Wecon
Technologi ...)
NOT-FOR-US: Wecon
-CVE-2017-6034 (An Authentication Bypass by Capture-Replay issue was discovered
in Sch ...)
+CVE-2017-6034 (An authentication bypass by capture-replay issue was discovered
in Sch ...)
NOT-FOR-US: Schneider Electric
CVE-2017-6033 (A DLL Hijacking issue was discovered in Schneider Electric
Interactive ...)
NOT-FOR-US: Schneider Electric
@@ -752616,7 +753741,7 @@ CVE-2017-6032 (A Violation of Secure Design
Principles issue was discovered in S
NOT-FOR-US: Schneider Electric
CVE-2017-6031 (A Header Injection issue was discovered in Certec EDV GmbH
atvise scad ...)
NOT-FOR-US: Certec EDV GmbH atvise scada
-CVE-2017-6030 (A Predictable Value Range from Previous Values issue was
discovered in ...)
+CVE-2017-6030 (A predictable value range from previous values issue was
discovered in ...)
NOT-FOR-US: Schneider Electric
CVE-2017-6029 (A Cross-Site Scripting issue was discovered in Certec EDV GmbH
atvise ...)
NOT-FOR-US: Certec EDV GmbH atvise scada
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09ece072129365f4cb89bc4d0b722887f9c83b35
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09ece072129365f4cb89bc4d0b722887f9c83b35
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
