This is an automated email from the ASF dual-hosted git repository.
jin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-hugegraph-doc.git
The following commit(s) were added to refs/heads/master by this push:
new 49d50762 chore: update security.md with new CVE entries (#439)
49d50762 is described below
commit 49d507629ecab3816a8c22994da84211e02453bb
Author: VGalaxies <[email protected]>
AuthorDate: Fri Dec 12 16:27:47 2025 +0800
chore: update security.md with new CVE entries (#439)
---
content/cn/docs/guides/security.md | 2 ++
content/en/docs/guides/security.md | 2 ++
2 files changed, 4 insertions(+)
diff --git a/content/cn/docs/guides/security.md
b/content/cn/docs/guides/security.md
index a1bdf20c..9a0a77dc 100644
--- a/content/cn/docs/guides/security.md
+++ b/content/cn/docs/guides/security.md
@@ -29,6 +29,8 @@ weight: 7
- [CVE-2024-27348](https://www.cve.org/CVERecord?id=CVE-2024-27348):
HugeGraph-Server - Command execution in gremlin
- [CVE-2024-27349](https://www.cve.org/CVERecord?id=CVE-2024-27349):
HugeGraph-Server - Bypass whitelist in Auth mode
+- [CVE-2024-43441](https://www.cve.org/CVERecord?id=CVE-2024-43441):
HugeGraph-Server - Fixed JWT Token (Secret)
+- [CVE-2025-26866](https://www.cve.org/CVERecord?id=CVE-2025-26866):
HugeGraph-Server - RAFT and deserialization vulnerability
### [HugeGraph-Toolchain](https://github.com/apache/hugegraph-toolchain) 仓库
(Hubble/Loader/Client/Tools/..)
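Review bot: The added CVE-2024-43441 line describes the issue as "Fixed JWT Token (Secret)", and in a list of vulnerabilities "Fixed" can be read as "already patched" rather than as a static secret. Consider wording that names the weakness directly, for example "Hard-coded JWT secret" if that is what the advisory means, so the entry reads as clearly as the two context entries above it.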
diff --git a/content/en/docs/guides/security.md
b/content/en/docs/guides/security.md
index 5fde7137..4ce21102 100644
--- a/content/en/docs/guides/security.md
+++ b/content/en/docs/guides/security.md
@@ -29,6 +29,8 @@ The general process for handling security vulnerabilities is
as follows:
- [CVE-2024-27348](https://www.cve.org/CVERecord?id=CVE-2024-27348):
HugeGraph-Server - Command execution in gremlin
- [CVE-2024-27349](https://www.cve.org/CVERecord?id=CVE-2024-27349):
HugeGraph-Server - Bypass whitelist in Auth mode
+- [CVE-2024-43441](https://www.cve.org/CVERecord?id=CVE-2024-43441):
HugeGraph-Server - Fixed JWT Token (Secret)
+- [CVE-2025-26866](https://www.cve.org/CVERecord?id=CVE-2025-26866):
HugeGraph-Server - RAFT and deserialization vulnerability
### HugeGraph-Toolchain project (Hubble/Loader/Client/Tools/..)
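Review bot: The added CVE-2025-26866 line, "RAFT and deserialization vulnerability", does not say what an attacker gains, unlike the neighbouring "Command execution in gremlin" and "Bypass whitelist in Auth mode". Consider stating the impact in the same style. Neither added entry gives an affected or fixed version, so a reader cannot tell from this page whether a deployment needs an upgrade; appending the first fixed release to each line would cover that.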