Henri Salo pushed to branch master at Debian Security Tracker / security-tracker


Commits:
726a4d66 by Henri Salo at 2026-06-25T12:52:40+03:00
NFU Apache Kvrocks

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3968,6 +3968,8 @@ CVE-2026-54419 (claudiopizzillo PIAF-HMS (PBX-In-A-Flash 
Hotel Management System
        NOT-FOR-US: PBX-In-A-Flash Hotel Management System
 CVE-2026-54390 (JTL Shop versions 5.2.0 through 5.7.1 contains a server-side 
template  ...)
        NOT-FOR-US: JTL Shop
+CVE-2026-54226
+       NOT-FOR-US: Apache Kvrocks
 CVE-2026-54224 (UBB.threads is vulnerable to Denial of Service (DoS). By 
sending multi ...)
        NOT-FOR-US: UBB.threads
 CVE-2026-54223 (UBB.threads is vulnerable to Path traversal, allowing 
attackers with p ...)
@@ -12223,6 +12225,8 @@ CVE-2026-41567 (Moby is an open source container 
framework. In versions prior to
        - docker.io 28.5.2+dfsg4-3 (bug #1139965)
        NOTE: 
https://github.com/moby/moby/security/advisories/GHSA-x86f-5xw2-fm2r
        NOTE: Fixed by: 
https://github.com/moby/moby/commit/2022313ffe5a8c04890b5295bc52670ee6df8070 
(docker-v29.5.1)
+CVE-2026-41566
+       NOT-FOR-US: Apache Kvrocks
 CVE-2026-41522 (Iris is a web collaborative platform that helps incident 
responders sh ...)
        NOT-FOR-US: DFIR-IRIS
 CVE-2026-41518 (Chartbrew is an open-source web application that can connect 
directly  ...)
@@ -25128,6 +25132,8 @@ CVE-2026-45442 (Missing Authorization vulnerability in 
Brainstorm Force Presto P
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45434 (Improper Authentication vulnerability in Apache OFBiz via 
Password-Cha ...)
        NOT-FOR-US: Apache software not packaged in Debian
+CVE-2026-45188
+       NOT-FOR-US: Apache Kvrocks
 CVE-2026-45187 (Improper Authorization vulnerability in Apache OFBiz Webtools. 
 This i ...)
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-44408 (There is an unauthorized access vulnerability in ZTE MU5250. 
Due to im ...)
@@ -60232,6 +60238,10 @@ CVE-2026-4676 (Use after free in Dawn in Google Chrome 
prior to 146.0.7680.165 a
        {DSA-6177-1}
        - chromium 146.0.7680.164-1
        [bullseye] - chromium <end-of-life> (see #1061268)
+CVE-2026-46752
+       NOT-FOR-US: Apache Kvrocks
+CVE-2026-46751
+       NOT-FOR-US: Apache Kvrocks
 CVE-2026-4675 (Heap buffer overflow in WebGL in Google Chrome prior to 
146.0.7680.165 ...)
        {DSA-6177-1}
        - chromium 146.0.7680.164-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726a4d664b1f13d42ad0ecca6bb89d6ad47b3bad

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726a4d664b1f13d42ad0ecca6bb89d6ad47b3bad
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to