Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
71c9cc3f by security tracker role at 2026-07-03T07:13:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,156 @@
-CVE-2026-58381
+CVE-2026-9725 (The Printcart Web to Print Product Designer for WooCommerce 
plugin for ...)
+       TODO: check
+CVE-2026-9626 (The JSON API User plugin for WordPress is vulnerable to Stored 
Cross-S ...)
+       TODO: check
+CVE-2026-9180 (The MotoPress Appointment Booking plugin for WordPress is 
vulnerable t ...)
+       TODO: check
+CVE-2026-8921 (External Control of File Name or Path vulnerability in ASUS 
Business M ...)
+       TODO: check
+CVE-2026-8892 (The CM Business Directory \u2013 Optimise and showcase local 
business  ...)
+       TODO: check
+CVE-2026-8489 (The Ultimate Member \u2013 User Profile, Registration, Login, 
Member D ...)
+       TODO: check
+CVE-2026-8247 (An Out-of-bounds Write vulnerability in WatchGuard Fireware OS 
may all ...)
+       TODO: check
+CVE-2026-59102 (Forgejo before 15.0.3 contains a stored cross-site scripting 
vulnerabi ...)
+       TODO: check
+CVE-2026-59101 (AutoBangumi before 3.2.8 contains a server-side request 
forgery (SSRF) ...)
+       TODO: check
+CVE-2026-59100 (LobeChat through 2.2.9 contains a broken object level 
authorization vu ...)
+       TODO: check
+CVE-2026-59099 (Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic 
vulnerabili ...)
+       TODO: check
+CVE-2026-59098 (LobeChat through 2.2.9 contains a broken access control 
vulnerability  ...)
+       TODO: check
+CVE-2026-59097 (Taiga before 6.10.2 contains a missing authorization 
vulnerability tha ...)
+       TODO: check
+CVE-2026-59096 (Dapr Sentry's OIDC discovery endpoint derives the issuer and 
jwks_uri  ...)
+       TODO: check
+CVE-2026-59095 (LobeChat before 2.2.10-canary.18 contains a server-side 
request forger ...)
+       TODO: check
+CVE-2026-59094 (Pathway through 0.31.1, fixed in commit d09722e, document 
store applie ...)
+       TODO: check
+CVE-2026-59093 (Weaviate before 1.38.0 does not verify that a principal 
performing an  ...)
+       TODO: check
+CVE-2026-59092 (JuiceFS through 1.3.1, fixed in commit a46979c, contains an 
authentica ...)
+       TODO: check
+CVE-2026-58580 (LobeChat through 2.2.9 server-database deployments are 
vulnerable to b ...)
+       TODO: check
+CVE-2026-58579 (RAGFlow before 0.26.3 stores an agent pipeline (DSL) node name 
without ...)
+       TODO: check
+CVE-2026-58578 (LobeChat before version 2.2.10-canary.15 contains a regular 
expression ...)
+       TODO: check
+CVE-2026-58467 (Cockpit CMS before release 364 contains a path traversal and 
local fil ...)
+       TODO: check
+CVE-2026-58466 (AutoBangumi before 3.2.8 contains a hard-coded default 
credentials vul ...)
+       TODO: check
+CVE-2026-58460 (react-native-receive-sharing-intent contains a path traversal 
vulnerab ...)
+       TODO: check
+CVE-2026-57100 (Server-side request forgery (ssrf) in Microsoft Entra 
Provisioning Ser ...)
+       TODO: check
+CVE-2026-55726 (The Azure Blob Storage container used for Gardyn device logs 
is public ...)
+       TODO: check
+CVE-2026-54998 (Incorrect authorization in Microsoft Exchange Online allows an 
authori ...)
+       TODO: check
+CVE-2026-54477 (The admin panel lacks standard security headers, enabling 
clickjacking ...)
+       TODO: check
+CVE-2026-52830 (fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1, 
fast-mcp- ...)
+       TODO: check
+CVE-2026-52192 (An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a 
remote at ...)
+       TODO: check
+CVE-2026-52191 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-52189 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-52188 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-52187 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-50722 (Libreswan, via the function 
RSA_authenticate_hash_signature_pkcs1_1_5_ ...)
+       TODO: check
+CVE-2026-50721 (Libreswan, via the function 
RSA_authenticate_hash_signature_raw_rsa(), ...)
+       TODO: check
+CVE-2026-4967 (In IMS, there is a possible out of bounds read due to a missing 
bounds ...)
+       TODO: check
+CVE-2026-45499 (Server-side request forgery (ssrf) in Azure OpenAI allows an 
authorize ...)
+       TODO: check
+CVE-2026-41106 (Url redirection to untrusted site ('open redirect') in M365 
Copilot al ...)
+       TODO: check
+CVE-2026-38972 (Notepad3 through 6.25.822.1 contains a DLL search-order 
hijacking vuln ...)
+       TODO: check
+CVE-2026-38971 (ardupilot through Plane-4.6.3 was found to contain an 
out-of-bounds re ...)
+       TODO: check
+CVE-2026-38970 (pdfcpu through v0.11.1 contains an uncontrolled-recursion 
denial-of-se ...)
+       TODO: check
+CVE-2026-38969 (ruby webrick through v1.9.2 WEBrick reparses trailer 
Content-Length in ...)
+       TODO: check
+CVE-2026-38968 (ntopng through 6.6 is vulnerable to Predictable Session 
Identifier whi ...)
+       TODO: check
+CVE-2026-26145 (Improper access control in Azure Synapse allows an authorized 
attacker ...)
+       TODO: check
+CVE-2026-14352 (The AR for WooCommerce plugin for WordPress is vulnerable to 
Directory ...)
+       TODO: check
+CVE-2026-14327 (The AR for WordPress plugin for WordPress is vulnerable to 
Directory T ...)
+       TODO: check
+CVE-2026-13768 (Gardyn devices expose a privileged iothubowner key. Access to 
this key ...)
+       TODO: check
+CVE-2026-13728 (In exception circumstances, WatchGuard Fireware OS on a 
FireCluster ma ...)
+       TODO: check
+CVE-2026-13722 (WatchGuard Fireware OS contains a firmware validation bypass 
when proc ...)
+       TODO: check
+CVE-2026-13384 (An Out-of-bounds Write vulnerability in WatchGuard Fireware OS 
wgagent ...)
+       TODO: check
+CVE-2026-13383 (An Out-of-bounds Write vulnerability in WatchGuard Fireware OS 
ikestub ...)
+       TODO: check
+CVE-2026-13377 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
+       TODO: check
+CVE-2026-13376 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
+       TODO: check
+CVE-2026-13375 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
+       TODO: check
+CVE-2026-13374 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
+       TODO: check
+CVE-2026-13373 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
+       TODO: check
+CVE-2026-13371 (An authenticated administrator can trigger a denial-of-service 
conditi ...)
+       TODO: check
+CVE-2026-13368 (WatchGuard Fireware OS contains a race condition leading to a 
use-afte ...)
+       TODO: check
+CVE-2026-13084 (A null pointer dereference vulnerability in WatchGuard 
Fireware OS may ...)
+       TODO: check
+CVE-2026-13079 (A local privilege escalation vulnerability in the WatchGuard 
Mobile VP ...)
+       TODO: check
+CVE-2026-13054 (A path traversal vulnerability in the WatchGuard Fireware OS 
Managemen ...)
+       TODO: check
+CVE-2026-13053 (An Out-of-bounds Write vulnerability in WatchGuard Fireware 
OS's CLI c ...)
+       TODO: check
+CVE-2026-13050 (An Out-of-bounds Write vulnerability in WatchGuard Fireware OS 
network ...)
+       TODO: check
+CVE-2026-13040 (The NEX-Forms \u2013 Ultimate Forms Plugin for WordPress 
plugin for Wo ...)
+       TODO: check
+CVE-2026-12960 (An Improper Export of Android Application Components 
vulnerability in  ...)
+       TODO: check
+CVE-2026-12920 (The Cookie Banner for GDPR / CCPA \u2013 WPLP Cookie Consent 
plugin fo ...)
+       TODO: check
+CVE-2026-12734 (The weDocs: AI Powered Knowledge Base, Docs, Documentation, 
Wiki & AI  ...)
+       TODO: check
+CVE-2026-12731 (The weDocs: AI Powered Knowledge Base, Docs, Documentation, 
Wiki & AI  ...)
+       TODO: check
+CVE-2026-12729 (The weDocs: AI Powered Knowledge Base, Docs, Documentation, 
Wiki & AI  ...)
+       TODO: check
+CVE-2026-12557 (The Ninja Forms - File Uploads plugin for WordPress is 
vulnerable to a ...)
+       TODO: check
+CVE-2026-12413 (An invalidly formatted IKEv2 fragment causes the Libreswan 
pluto daemo ...)
+       TODO: check
+CVE-2026-11397 (The WP Import Export Lite plugin for WordPress is vulnerable 
to Server ...)
+       TODO: check
+CVE-2025-71385 (Netdata before 2.3.1 reflects the user-supplied love query 
parameter o ...)
+       TODO: check
+CVE-2022-4990 (** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of 
Specified Quant ...)
+       TODO: check
+CVE-2022-4989 (** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of 
Specified Quant ...)
+       TODO: check
+CVE-2026-58381 (A flaw was found in GIMP's PSP file format parser. A 
double-free condi ...)
        - gimp 3.2.4-1
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/work_items/16207
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/b22e147b9dac6a57c50f3162262aa18fa1b1e210
 (GIMP_3_2_4)
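Review bot: all of the new entries are left at `TODO: check`, which is what an automatic update does, but a good part of the batch is obvious NOT-FOR-US material (the WordPress plugin entries such as CVE-2026-9725, CVE-2026-9626 and CVE-2026-9180, the WatchGuard Fireware OS block from CVE-2026-13050 up to CVE-2026-13384 plus CVE-2026-8247, and the Microsoft Entra/Exchange Online/Azure/M365 entries CVE-2026-57100, CVE-2026-54998, CVE-2026-45499, CVE-2026-41106 and CVE-2026-26145), so triage time is better spent on the ones that look like Debian packages: the two Libreswan RSA signature-verification issues CVE-2026-50722 and CVE-2026-50721 and the Libreswan IKEv2 fragment crash CVE-2026-12413, the ruby webrick trailer Content-Length reparsing bug CVE-2026-38969, and CVE-2026-38970 (pdfcpu), CVE-2026-38968 (ntopng) and CVE-2025-71385 (netdata). For CVE-2026-58381, which moves from the bare placeholder at the top of the file to a full entry, the fixed version `gimp 3.2.4-1` matches the `(GIMP_3_2_4)` tag on the Fixed-by commit, but there is no `[trixie]` or `[bookworm]` line yet, so both suites stay open until the PSP parser double free is assessed against their older gimp versions.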
@@ -8602,25 +8754,25 @@ CVE-2026-10091 (The Email JavaScript Cloak plugin for 
WordPress is vulnerable to
        NOT-FOR-US: WordPress plugin
 CVE-2025-64105 (FOSSBilling is a billing and client management system that 
automates i ...)
        NOT-FOR-US: FOSSBilling
-CVE-2026-8286
+CVE-2026-8286 (A vulnerability exists where a new transfer that uses STARTTLS 
to upgr ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-8286.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/a1701eea289fe7ea80651f801cf992838a491dde 
(curl-7_30_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/a86efdd7ca5433de9231e650f18247de8319ad16 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-8458
+CVE-2026-8458 (libcurl might in some circumstances reuse the wrong connection 
when as ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-8458.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/97c272e5d173ad5f706443e2477f0a84f0044edd 
(curl-7_43_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/5e99b73cf441d9c369768b9cd48b5389b9a2503d 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-8924
+CVE-2026-8924 (A flaw in curl\u2019s cookie parsing logic allows a malicious 
HTTP ser ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-8924.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/e77b5b7453c1e8ccd7ec0816890d98e2f392e465 
(curl-7_46_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/51beed175dbfc37da3113f6acce60c630c070ce8 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-8925
+CVE-2026-8925 (The curl logic that works with SASL authentication could end up 
cleani ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <not-affected> (Vulnerable code not present)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
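Review bot: CVE-2026-8286, CVE-2026-8458 and CVE-2026-8924 each get `[trixie] - curl <no-dsa> (Minor issue)` but no `[bookworm]` line, while their Introduced-with tags (curl-7_30_0, curl-7_43_0 and curl-7_46_0) all predate bookworm's curl 7.88.1, so bookworm stays open for all three by default; if the minor-issue assessment holds there as well, add `[bookworm] - curl <no-dsa> (Minor issue)` to each. CVE-2026-8925 is handled correctly: its introducing commit is tagged curl-8_15_0, which is newer than both trixie's and bookworm's curl, hence the two `<not-affected>` lines.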
@@ -8628,7 +8780,7 @@ CVE-2026-8925
        NOTE: https://curl.se/docs/CVE-2026-8925.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/ab650379a8c25ca952f651476d25b4cdd77bb3fc 
(curl-8_15_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/3da249e1f0716c06644ed3522a37a8bf81808012 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-8926
+CVE-2026-8926 (When asking curl to use a `.netrc` file to find credentials and 
at the ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
@@ -8636,19 +8788,19 @@ CVE-2026-8926
        NOTE: https://curl.se/docs/CVE-2026-8926.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/e9b9bbac22c26cf67316fa8e6c6b9e831af31949 
(curl-8_11_1)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/4ae1d7cc2643e4773a136395f12bc02fc6867854 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-8927
+CVE-2026-8927 (When reusing a libcurl handle for sequential transfers driven 
by envir ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-8927.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/fc6eff13b5414caf6edf22d73a3239e074a04216 
(curl-7_12_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/5c225384b8d52c67ce8259c6e4203bc57aacb567 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-8932
+CVE-2026-8932 (libcurl would reuse a previously created connection even when 
some mTL ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-8932.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/a1d6ad26100bc493c7b04f1301b1634b7f5aa8b4 
(curl-7_7)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/7541ae569d82fb308a5e2d94916027da4fa3ba3e 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-9079
+CVE-2026-9079 (libcurl had a flaw that when instructed to clear proxy 
authentication  ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
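Review bot: CVE-2026-8927 (Introduced with curl-7_12_0) and CVE-2026-8932 (Introduced with curl-7_7) carry only the `[trixie] - curl <no-dsa> (Minor issue)` annotation, so bookworm remains open for both even though the affected code is older than any supported release; add a matching `[bookworm]` line with the same assessment. CVE-2026-9079, introduced with curl-8_8_0, correctly gets `[bookworm] - curl <not-affected> (Vulnerable code not present)` next to the trixie no-dsa line.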
@@ -8656,7 +8808,7 @@ CVE-2026-9079
        NOTE: https://curl.se/docs/CVE-2026-9079.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/d5e83eb745762f48d8fafadc5df5dd3ae8d8941e 
(curl-8_8_0)
        NOTE: Fixed by:  
https://github.com/curl/curl/commit/88c7e16cceec816a2df45c899d49b1e85513f193 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-9080
+CVE-2026-9080 (Calling `curl_easy_pause()` within the event-based 
`CURLMOPT_SOCKETFUN ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
@@ -8664,7 +8816,7 @@ CVE-2026-9080
        NOTE: https://curl.se/docs/CVE-2026-9080.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/cfc657a48dbafb4194676d4c9d841388b3a22210 
(curl-8_13_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/5ab34cba42e4ee4282fe8bab43f311d51b9bf9bd 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-9545
+CVE-2026-9545 (In this scenario, libcurl first uses a proper HTTP/3 server for 
the in ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
@@ -8672,7 +8824,7 @@ CVE-2026-9545
        NOTE: https://curl.se/docs/CVE-2026-9545.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/962097b8dd44ed5b9e7984bc1cdffdbdd566857f 
(curl-8_11_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/7b9613fa9b1a5e04301a3920eef58e8138dad05e 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-9546
+CVE-2026-9546 (A vulnerability in libcurl caused the HTTP `Referer:` header to 
persis ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <not-affected> (Vulnerable code not present)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
@@ -8680,19 +8832,19 @@ CVE-2026-9546
        NOTE: https://curl.se/docs/CVE-2026-9546.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/2cb868242dc2ac9cd52ee64987ef51d5964a56f9 
(curl-8_18_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/862e8a74a84478d82973471b4f49dc2746c1780e 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-9547
+CVE-2026-9547 (When a libcurl-based application performs transfers via 
`SCP://` or `S ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-9547.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/507cf6a13db0375eadd4655b4c64710db29e9cf2 
(curl-7_69_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/0b8dbbc63c98777e4584cb9fbd71df3464008ad1 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-10536
+CVE-2026-10536 (A use-after-free vulnerability exists in libcurl when an 
application c ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-10536.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/71b7e0161032927cdfb4e75ea40f65b8898b3956 
(curl-7_88_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/bfbff7852f050232edd3e5ca5c6bf2021c340f5a 
(rc-8_21_0-1, curl-8_21_0)
-CVE-2026-11352
+CVE-2026-11352 (An issue in curl\u2019s QUIC UDP receive function allows a 
malicious H ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <not-affected> (Vulnerable code not present)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
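Review bot: CVE-2026-9547 (Introduced with curl-7_69_0) and CVE-2026-10536 (Introduced with curl-7_88_0) have only a `[trixie] - curl <no-dsa>` line; bookworm ships curl 7.88.1, so both are open there and need a `[bookworm]` annotation. CVE-2026-9546 and CVE-2026-11352, both introduced with curl-8_18_0, are consistently marked `<not-affected>` for trixie and bookworm, and the `(rc-8_21_0-2, curl-8_21_0)` tag on the CVE-2026-11352 fix agrees with the `8.21.0~rc2-1` fixed version.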
@@ -8700,7 +8852,7 @@ CVE-2026-11352
        NOTE: https://curl.se/docs/CVE-2026-11352.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/6a3d0b6d631d5e9bec797306b5b41a9f440a088d 
(curl-8_18_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/56eca2afb4806f1032872fa97d1834b3c1385276 
(rc-8_21_0-2, curl-8_21_0)
-CVE-2026-11564
+CVE-2026-11564 (libcurl keeps previously used connections in a connection pool 
for sub ...)
        - curl 8.21.0~rc2-1
        [trixie] - curl <not-affected> (Vulnerable code not present)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
@@ -8708,7 +8860,7 @@ CVE-2026-11564
        NOTE: https://curl.se/docs/CVE-2026-11564.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/eefd03c572996e5de4dec4fe295ad6f103e0eefc 
(curl-8_17_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/d69bfad3fa3daf5e72331f6870667607828d5891 
(rc-8_21_0-2, curl-8_21_0)
-CVE-2026-11586
+CVE-2026-11586 (By default, curl automatically responds to WebSocket PING 
frames. Beca ...)
        - curl 8.21.0~rc3-1
        [trixie] - curl <not-affected> (Vulnerable code not present)
        [bookworm] - curl <not-affected> (Vulnerable code not present)
@@ -8716,13 +8868,13 @@ CVE-2026-11586
        NOTE: https://curl.se/docs/CVE-2026-11586.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/0b091328773c64e23f5c4739da74527093c6a5ab 
(curl-8_16_0)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/849317ff5c5a5e13f50ec3d001e46ddffa77d8a4 
(rc-8_21_0-3, curl-8_21_0)
-CVE-2026-11856
+CVE-2026-11856 (Successfully using libcurl to do a transfer to a specific HTTP 
origin  ...)
        - curl 8.21.0~rc3-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-11856.html
        NOTE: Introduced with: 
https://github.com/curl/curl/commit/334d78cd18a7310144383929bdcef34ffbf6159b 
(curl-7_10_6)
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/5c6b4880357ab3e72967c1c45cae0f96ffabc535 
(rc-8_21_0-3, curl-8_21_0)
-CVE-2026-12064
+CVE-2026-12064 (When a user invokes curl using a schemeless URL combined with 
`--proto ...)
        - curl 8.21.0~rc3-1
        [trixie] - curl <no-dsa> (Minor issue)
        NOTE: https://curl.se/docs/CVE-2026-12064.html
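Review bot: CVE-2026-11856 is introduced with curl-7_10_6 yet only has `[trixie] - curl <no-dsa> (Minor issue)`, so bookworm stays open and needs its own annotation. The `8.21.0~rc3-1` fixed version for CVE-2026-11586, CVE-2026-11856 and CVE-2026-12064 matches the `rc-8_21_0-3` tags on the first two fixes; the CVE-2026-12064 entry is cut off by the hunk, so its Introduced-with commit and the suite status it implies cannot be checked here.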
@@ -9786,7 +9938,7 @@ CVE-2026-4110 (The ultimate-woocommerce-auction-pro 
WordPress plugin through 2.4
        NOT-FOR-US: WordPress plugin
 CVE-2026-12845
        REJECTED
-CVE-2026-12823 (A security flaw has been discovered in Browserbase up to 
20260526. Thi ...)
+CVE-2026-12823 (A security flaw has been discovered in Browserbase Skills up 
to 202605 ...)
        NOT-FOR-US: Browserbase
 CVE-2026-12822 (A vulnerability was identified in langflow-ai langflow up to 
1.9.3. Th ...)
        NOT-FOR-US: langflow-ai
@@ -29141,18 +29293,21 @@ CVE-2026-48697 (FastNetMon Community Edition through 
1.2.9 does not verify TLS c
        [bookworm] - fastnetmon <no-dsa> (Minor issue)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48697-missing-tls-validation
 CVE-2026-48696 (FastNetMon Community Edition through 1.2.9 has a buffer 
overflow, a di ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48696-exabgp-sprintf-overflow
        NOTE: Crosses no real security boundary, requires attacker to modify 
config file
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1050
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/97b04568b6f12977aedb9682fcd9ca7ca952e84a
 (v1.2.9)
 CVE-2026-48695 (FastNetMon Community Edition through 1.2.9 contains an OS 
command inje ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48695-mikrotik-cmd-injection
        NOTE: Crosses no meaningful security boundary
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1047
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/54a95427a1f6fe0237ddb0c3fc14622df1c93870
 (v1.2.9)
 CVE-2026-48694 (FastNetMon Community Edition through 1.2.9 contains a 
configuration in ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48694-juniper-netconf-injection
        NOTE: Crosses no meaningful security boundary
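Review bot: `{DSA-6375-1}` is added to CVE-2026-48696, CVE-2026-48695 and CVE-2026-48694, but this commit changes only data/CVE/list, so make sure data/DSA/list already has a DSA-6375-1 entry listing these ids, otherwise the reference dangles. All three also keep `(unimportant; bug #1138646)` and notes such as "Crosses no real security boundary, requires attacker to modify config file" next to the DSA tag; that is acceptable if the DSA simply shipped the complete 1.2.9 fix set, but confirm the DSA text enumerates these ids and not only the memory-safety ones. CVE-2026-48697 (missing TLS validation, `[bookworm] - fastnetmon <no-dsa> (Minor issue)`) is left without the tag, so it is presumably not covered.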
@@ -29167,51 +29322,60 @@ CVE-2026-48692 (FastNetMon Community Edition through 
1.2.9 exposes a gRPC API se
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48692-grpc-no-auth
        NOTE: Not a vulnerability by itself, controlling access is the 
responsibility of the deployment
 CVE-2026-48691 (FastNetMon Community Edition through 1.2.9 contains an integer 
overflo ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48691-bgp-as-path-overflow
        NOTE: Not a vulnerability, at best an interop issue
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/94c66d5b100c42fb8bd10a22ca595e46895d60d0
 (v1.2.9)
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1054
 CVE-2026-48690 (FastNetMon Community Edition through 1.2.9 contains an integer 
overflo ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48690-packet-storage-integer-overflow
        NOTE: Crosses no real security boundary, requires attacker to modify 
config file
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/4606af43731055297063177263c0107b82ef8986
 (v1.2.9)
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1056
 CVE-2026-48689 (FastNetMon Community Edition through 1.2.9 contains an 
off-by-one heap ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48689-dynamic-buffer-off-by-one
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1051
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/fa80390ed446f887ca6fa39c9e5b6fff8846e822
 (v1.2.9)
 CVE-2026-48688 (FastNetMon Community Edition through 1.2.9 contains multiple 
out-of-bo ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48688-bgp-mp-reach-nlri-ipv6
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/04e26ac2e0861efe7a50f3c3fd27e57f840aa4a3
 (v1.2.9)
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1055
 CVE-2026-48687 (FastNetMon Community Edition through 1.2.9 contains an OS 
command inje ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48687-juniper-cmd-injection
        NOTE: Crosses no meaningful security boundary
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1049
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/6f58184fb60248df011c4c379bf445e07609ad27
 (v1.2.9)
 CVE-2026-48686 (FastNetMon Community Edition through 1.2.9 contains a 
stack-based buff ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48686-bgp-nlri-stack-overflow
        NOTE: Crosses no meaningful security boundary, if there's an rogue BGP 
peer, there's bigger issues
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1053
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/265a767635767d7a08391dbe7f98f750d2ea04d0
 (v1.2.9)
 CVE-2026-48685 (FastNetMon Community Edition through 1.2.9 has out-of-bounds 
memory ac ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48685-bgp-extended-length
        NOTE: Not a vulnerability, at best an interop issue
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/2bf813b2590b9847308877a65fc72df560dd282f
 (v1.2.9)
 CVE-2026-48684 (FastNetMon Community Edition through 1.2.9 contains an 
out-of-bounds r ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48684-netflow-v9-options-oob
        NOTE: Not a vulnerability by itself, controlling access is the 
responsibility of the deployment
        NOTE: 
https://github.com/pavel-odintsov/fastnetmon/commit/aa1069abaa8624e50b5d0c6c8ccd0f5d9ddc111e
 (v1.2.9)
        NOTE: https://github.com/pavel-odintsov/fastnetmon/pull/1057
 CVE-2026-48683 (FastNetMon Community Edition through 1.2.9 contains an 
out-of-bounds r ...)
+       {DSA-6375-1}
        - fastnetmon 1.2.9-1 (unimportant; bug #1138646)
        NOTE: 
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48683-netflow-v9-data-oob
        NOTE: Not a vulnerability by itself, controlling access is the 
responsibility of the deployment
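Review bot: the DSA tag lands on CVE-2026-48691 and CVE-2026-48685, whose notes read "Not a vulnerability, at best an interop issue", and on CVE-2026-48686, whose note reads "if there's an rogue BGP peer, there's bigger issues" (should be "a rogue"), while CVE-2026-48692 (gRPC API without authentication) stays untagged; this is only consistent if DSA-6375-1 enumerates exactly the tagged ids, so cross-check them against the DSA. Only CVE-2026-48689 (off-by-one heap) and CVE-2026-48688 (BGP MP_REACH_NLRI out-of-bounds) lack the `unimportant` marker, which fits those two being the real reason for a DSA.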
@@ -61513,6 +61677,7 @@ CVE-2026-4819 (In Search Guard FLX versions from 1.0.0 
up to 4.0.1, the audit lo
 CVE-2026-4818 (In Search Guard FLX versions from 3.0.0 up to 4.0.1, there 
exists an i ...)
        NOT-FOR-US: Search Guard FLX
 CVE-2026-4800 (Impact:  The fix for CVE-2021-23337 
(https://github.com/advisories/GHS ...)
+       {DLA-4663-1}
        - node-lodash 4.18.1+dfsg-1 (bug #1132500)
        [trixie] - node-lodash <no-dsa> (Minor issue)
        [bookworm] - node-lodash <no-dsa> (Minor issue)
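Review bot: `{DLA-4663-1}` is added to CVE-2026-4800 without a corresponding data/DLA/list change in this commit, so verify that the DLA entry exists and lists this id. The unchanged `[bookworm] - node-lodash <no-dsa> (Minor issue)` line is right only while the DLA targets the LTS suite and not bookworm; if bookworm was the DLA target, the no-dsa line should go.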
@@ -61918,6 +62083,7 @@ CVE-2026-30277 (An arbitrary file overwrite 
vulnerability in PDF Reader App : TA
 CVE-2026-30276 (An arbitrary file overwrite vulnerability in DeftPDF Document 
Translat ...)
        NOT-FOR-US: DeftPDF
 CVE-2026-2950 (Impact:  Lodash versions 4.17.23 and earlier are vulnerable to 
prototy ...)
+       {DLA-4663-1}
        - node-lodash 4.18.1+dfsg-1
        [trixie] - node-lodash <no-dsa> (Minor issue)
        [bookworm] - node-lodash <no-dsa> (Minor issue)
@@ -63393,7 +63559,7 @@ CVE-2026-31945 (LibreChat is a ChatGPT clone with 
additional features. Versions
        NOT-FOR-US: LibreChat
 CVE-2026-31943 (LibreChat is a ChatGPT clone with additional features. Prior 
to versio ...)
        NOT-FOR-US: LibreChat
-CVE-2026-30689 (A blog.admin v.8.0 and before system's getinfobytoken API 
interface co ...)
+CVE-2026-30689 (In Blog.Core through bcb4d17, the getinfobytoken API interface 
contain ...)
        NOT-FOR-US: blog.admin
 CVE-2026-30637 (Server-Side Request Forgery (SSRF) vulnerability exists in the 
AnnounC ...)
        NOT-FOR-US: OTCMS
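Review bot: the CVE-2026-30689 description now names the product "Blog.Core through bcb4d17", but the unchanged `NOT-FOR-US: blog.admin` line still refers to the old name; update it to `NOT-FOR-US: Blog.Core` so the tag matches the description.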
@@ -93774,6 +93940,7 @@ CVE-2025-13878 (Malformed BRID/HHIT records can cause 
`named` to terminate unexp
        NOTE: Fixed by: 
https://gitlab.isc.org/isc-projects/bind9/-/commit/d4c0d617015625330f08a3f86a10a533cec0f6ec
 (v9.20.18)
        NOTE: Fixed by: 
https://gitlab.isc.org/isc-projects/bind9/-/commit/7bf83f69a80bdc6094c2adee3595e28b1b3e19ea
 (v9.21.17)
 CVE-2025-13465 (Lodash versions 4.0.0 through 4.17.22 are vulnerable to 
prototype poll ...)
+       {DLA-4663-1}
        - node-lodash 4.17.21+dfsg+~cs8.31.198.20210220-10 (bug #1126265)
        [trixie] - node-lodash <no-dsa> (Minor issue)
        [bookworm] - node-lodash <no-dsa> (Minor issue)
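Review bot: `{DLA-4663-1}` is added to CVE-2025-13465 as well, so the DLA entry should list all three lodash ids (CVE-2025-13465, CVE-2026-2950, CVE-2026-4800) touched in this commit; the unstable fixed version `4.17.21+dfsg+~cs8.31.198.20210220-10` is an upstream 4.17.21 package with a Debian revision bump, i.e. a patched fix rather than a new lodash release, which is worth double-checking against the "4.0.0 through 4.17.22" range in the description.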



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/71c9cc3f2e22a6b3176e6fe4990ef1bcbbe4d2e7



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
