Henri Salo pushed to branch master at Debian Security Tracker / security-tracker
Commits:
726a4d66 by Henri Salo at 2026-06-25T12:52:40+03:00
NFU Apache Kvrocks
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3968,6 +3968,8 @@ CVE-2026-54419 (claudiopizzillo PIAF-HMS (PBX-In-A-Flash
Hotel Management System
NOT-FOR-US: PBX-In-A-Flash Hotel Management System
CVE-2026-54390 (JTL Shop versions 5.2.0 through 5.7.1 contains a server-side
template ...)
NOT-FOR-US: JTL Shop
+CVE-2026-54226
+ NOT-FOR-US: Apache Kvrocks
CVE-2026-54224 (UBB.threads is vulnerable to Denial of Service (DoS). By
sending multi ...)
NOT-FOR-US: UBB.threads
CVE-2026-54223 (UBB.threads is vulnerable to Path traversal, allowing
attackers with p ...)
@@ -12223,6 +12225,8 @@ CVE-2026-41567 (Moby is an open source container
framework. In versions prior to
- docker.io 28.5.2+dfsg4-3 (bug #1139965)
NOTE:
https://github.com/moby/moby/security/advisories/GHSA-x86f-5xw2-fm2r
NOTE: Fixed by:
https://github.com/moby/moby/commit/2022313ffe5a8c04890b5295bc52670ee6df8070
(docker-v29.5.1)
+CVE-2026-41566
+ NOT-FOR-US: Apache Kvrocks
CVE-2026-41522 (Iris is a web collaborative platform that helps incident
responders sh ...)
NOT-FOR-US: DFIR-IRIS
CVE-2026-41518 (Chartbrew is an open-source web application that can connect
directly ...)
@@ -25128,6 +25132,8 @@ CVE-2026-45442 (Missing Authorization vulnerability in
Brainstorm Force Presto P
NOT-FOR-US: WordPress plugin or theme
CVE-2026-45434 (Improper Authentication vulnerability in Apache OFBiz via
Password-Cha ...)
NOT-FOR-US: Apache software not packaged in Debian
+CVE-2026-45188
+ NOT-FOR-US: Apache Kvrocks
CVE-2026-45187 (Improper Authorization vulnerability in Apache OFBiz Webtools.
This i ...)
NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-44408 (There is an unauthorized access vulnerability in ZTE MU5250.
Due to im ...)
@@ -60232,6 +60238,10 @@ CVE-2026-4676 (Use after free in Dawn in Google Chrome
prior to 146.0.7680.165 a
{DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
+CVE-2026-46752
+ NOT-FOR-US: Apache Kvrocks
+CVE-2026-46751
+ NOT-FOR-US: Apache Kvrocks
CVE-2026-4675 (Heap buffer overflow in WebGL in Google Chrome prior to
146.0.7680.165 ...)
{DSA-6177-1}
- chromium 146.0.7680.164-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726a4d664b1f13d42ad0ecca6bb89d6ad47b3bad
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726a4d664b1f13d42ad0ecca6bb89d6ad47b3bad
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits