Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
158c0342 by security tracker role at 2026-06-25T19:13:38+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,64 +1,428 @@
-CVE-2026-12844
+CVE-2026-9800 (A flaw was found in Keycloak Policy Enforcer. This 
vulnerability allow ...)
+       TODO: check
+CVE-2026-9799 (A flaw was found in org.keycloak.authorization. An 
authenticated user  ...)
+       TODO: check
+CVE-2026-9718 (CWE-617 Reachable Assertion vulnerability exists that could 
allow an a ...)
+       TODO: check
+CVE-2026-9717 (CWE-78 Neutralization of Special Elements used in an OS Command 
('OS C ...)
+       TODO: check
+CVE-2026-9716 (CWE-476 NULL Pointer Dereference vulnerability exists that 
could cause ...)
+       TODO: check
+CVE-2026-9705 (A flaw was found in Keycloak's client registration service. A 
remote a ...)
+       TODO: check
+CVE-2026-9651 (CWE-732 Incorrect Permission Assignment for Critical Resource 
vulnerab ...)
+       TODO: check
+CVE-2026-9650 (CWE-522 Insufficiently Protected Credentials vulnerability that 
could  ...)
+       TODO: check
+CVE-2026-9099 (A flaw was found in Keycloak. A missing authorization check in 
the Gro ...)
+       TODO: check
+CVE-2026-9086 (A flaw was found in Keycloak. A remote attacker with 
administrative pr ...)
+       TODO: check
+CVE-2026-9083 (A flaw was found in Keycloak. A realm administrator with the 
"manage-r ...)
+       TODO: check
+CVE-2026-6432 (Improper bounds validation in EmberZNet SDK versions 9.0.2 and 
earlier ...)
+       TODO: check
+CVE-2026-6291 (Bleichenbacher padding oracle in PKCS#7 KTRI decryption. When 
decrypti ...)
+       TODO: check
+CVE-2026-6094 (Heap buffer overread in wc_PKCS7_DecodeEnvelopedData when 
parsing craf ...)
+       TODO: check
+CVE-2026-6091 (Partial-chain certificate verification may accept chains that 
terminat ...)
+       TODO: check
+CVE-2026-57700 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Daan. ...)
+       TODO: check
+CVE-2026-57619 (Contributor Sensitive Data Exposure in Elementor Website 
Builder <= 4. ...)
+       TODO: check
+CVE-2026-57588 (A SQL injection vulnerability in Nessus allows an attacker to 
craft a  ...)
+       TODO: check
+CVE-2026-57587 (A SQL injection vulnerability in Nessus allows a remote, 
unauthenticat ...)
+       TODO: check
+CVE-2026-57536 (Our payment integration with Mollie did not properly validate 
payment  ...)
+       TODO: check
+CVE-2026-57535 (Content injected to PDF rendering contexts could, in many 
places, incl ...)
+       TODO: check
+CVE-2026-57534 (Malicious HTML content could be injected into the content of a 
page in ...)
+       TODO: check
+CVE-2026-57533 (Malicious HTML content could be injected into the page pretix 
shows wh ...)
+       TODO: check
+CVE-2026-57532 (Malicious HTML content contained in the layout specification 
of a PDF  ...)
+       TODO: check
+CVE-2026-57456 (Vim is an open source, command line text editor. Prior to 
9.2.0699, Vi ...)
+       TODO: check
+CVE-2026-57455 (Vim is an open source, command line text editor. Prior to 
9.2.0698, th ...)
+       TODO: check
+CVE-2026-57454 (Vim is an open source, command line text editor. From 9.2.0320 
until 9 ...)
+       TODO: check
+CVE-2026-57453 (Vim is an open source, command line text editor. From 9.1.1784 
until 9 ...)
+       TODO: check
+CVE-2026-57452 (Vim is an open source, command line text editor. Prior to 
9.2.0671, wh ...)
+       TODO: check
+CVE-2026-57451 (Vim is an open source, command line text editor. Prior to 
9.2.0670, ge ...)
+       TODO: check
+CVE-2026-57438 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-57437 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-57436 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-57435 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-57434 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-57429 (Contributor Broken Access Control in Slim SEO <= 4.6.2 
versions.)
+       TODO: check
+CVE-2026-57236 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-57235 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-57234 (Nokogiri is an open source XML and HTML library for the Ruby 
programmi ...)
+       TODO: check
+CVE-2026-56790 (CANBoat through 6.22, fixed in commit a5a22b7, contains an 
off-by-one  ...)
+       TODO: check
+CVE-2026-56789 (RTKLIB through 2.4.3 contains a heap buffer overflow 
vulnerability in  ...)
+       TODO: check
+CVE-2026-56788 (RTKLIB through 2.4.3 contains an out-of-bounds read 
vulnerability in g ...)
+       TODO: check
+CVE-2026-56787 (RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read 
vulnera ...)
+       TODO: check
+CVE-2026-56786 (RTKLIB through 2.4.3 contains an out-of-bounds write 
vulnerability in  ...)
+       TODO: check
+CVE-2026-56779 (MaxKB before 2.10.0 contains a server-side request forgery 
vulnerabili ...)
+       TODO: check
+CVE-2026-56774 (Kanboard through 1.2.52, fixed in commit 928c68a, 
UserViewController:: ...)
+       TODO: check
+CVE-2026-56772 (NewsBlur before 14.5.0 contains a broken access control 
vulnerability  ...)
+       TODO: check
+CVE-2026-56771 (NewsBlur before version 14.5.0 contains a server-side request 
forgery  ...)
+       TODO: check
+CVE-2026-56770 (libais through 0.15 VdmStream::AddLine uses an unchecked 
sentinel valu ...)
+       TODO: check
+CVE-2026-56769 (Huly Platform through 0.7.423, fixed in commit 68cbf8a 
contains an aut ...)
+       TODO: check
+CVE-2026-56768 (Seahub before 13.0.23 does not enforce 
SHARE_LINK_LOGIN_REQUIRED on GE ...)
+       TODO: check
+CVE-2026-56767 (Maxun before 0.0.42 contains a cross-tenant insecure direct 
object ref ...)
+       TODO: check
+CVE-2026-56766 (Hydra through 9.7, fixed in commit 9cc84c2, contains a stack 
buffer ov ...)
+       TODO: check
+CVE-2026-56130 ("Remember me" cookie age is not verified on the server. This 
potential ...)
+       TODO: check
+CVE-2026-56129 (Generic IO & Memory Access driver for PCs provided by TOSHIBA 
CORPORAT ...)
+       TODO: check
+CVE-2026-56123 (socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based 
buffer ove ...)
+       TODO: check
+CVE-2026-56122 (Winstone Servlet Engine through 0.9.10 contains a path 
traversal vulne ...)
+       TODO: check
+CVE-2026-56091 (When using Apache Shiro with the shiro-guice module in a web 
servlet c ...)
+       TODO: check
+CVE-2026-56071 (Unauthenticated Cross Site Scripting (XSS) in Forminator <= 
1.53.1 ver ...)
+       TODO: check
+CVE-2026-56054 (Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 
versions.)
+       TODO: check
+CVE-2026-56053 (Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 
versions.)
+       TODO: check
+CVE-2026-56051 (Unauthenticated Cross Site Scripting (XSS) in TablePress <= 
3.3.1 vers ...)
+       TODO: check
+CVE-2026-56050 (Improper Access Control vulnerability in Themeisle PPOM for 
WooCommerc ...)
+       TODO: check
+CVE-2026-56049 (Contributor Remote Code Execution (RCE) in Post Snippets <= 
4.0.19 ver ...)
+       TODO: check
+CVE-2026-56042 (Customer Cross Site Scripting (XSS) in Advanced Order Export 
For WooCo ...)
+       TODO: check
+CVE-2026-56023 (Customer Broken Access Control in UPI QR Code Payment Gateway 
for WooC ...)
+       TODO: check
+CVE-2026-56014 (Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 
3.11.2  ...)
+       TODO: check
+CVE-2026-56013 (Unauthenticated Insecure Direct Object References (IDOR) in 
License Ma ...)
+       TODO: check
+CVE-2026-56006 (Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 
versions.)
+       TODO: check
+CVE-2026-56005 (Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 
5.6.3.1 ve ...)
+       TODO: check
+CVE-2026-55967 (AES-GCM encryption/decryption with extremely large cumulative 
single m ...)
+       TODO: check
+CVE-2026-55961 (wolfSSL_PKCS7_verify() returning success for a degenerate 
(certs-only) ...)
+       TODO: check
+CVE-2026-55895 (Vim is an open source, command line text editor. Prior to 
9.2.0663, a  ...)
+       TODO: check
+CVE-2026-55892 (Vim is an open source, command line text editor. Prior to 
9.2.0662, th ...)
+       TODO: check
+CVE-2026-55700 (pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm 
stage downl ...)
+       TODO: check
+CVE-2026-55699 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, 
Manifest bin o ...)
+       TODO: check
+CVE-2026-55698 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm 
can persi ...)
+       TODO: check
+CVE-2026-55697 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm 
can insta ...)
+       TODO: check
+CVE-2026-55693 (Vim is an open source, command line text editor. Prior to 
9.2.0653, th ...)
+       TODO: check
+CVE-2026-55667 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-55487 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, the 
generic pe ...)
+       TODO: check
+CVE-2026-55477 (3X-UI is a web control panel for managing Xray-core servers. 
Prior to  ...)
+       TODO: check
+CVE-2026-55439 (Halo is an open source website building tool. Prior to 2.24.3, 
a path  ...)
+       TODO: check
+CVE-2026-55413 (ToolJet is the open-source foundation am AI-native platform 
for buildi ...)
+       TODO: check
+CVE-2026-55412 (ToolJet is the open-source foundation am AI-native platform 
for buildi ...)
+       TODO: check
+CVE-2026-55411 (ToolJet is the open-source foundation am AI-native platform 
for buildi ...)
+       TODO: check
+CVE-2026-55180 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm 
and pacqu ...)
+       TODO: check
+CVE-2026-55092 (Trivy is a security scanner. Prior to 0.71.1, when Trivy 
downloads an  ...)
+       TODO: check
+CVE-2026-54917 (SeaweedFS is a distributed storage system for object storage 
(S3), fil ...)
+       TODO: check
+CVE-2026-54849 (Unauthenticated SQL Injection in Premmerce Wishlist for 
WooCommerce <= ...)
+       TODO: check
+CVE-2026-54848 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Saa ...)
+       TODO: check
+CVE-2026-54845 (Unauthenticated Local File Inclusion in MDTF <= 1.3.8 
versions.)
+       TODO: check
+CVE-2026-54844 (Unauthenticated Broken Access Control in CheckView Automated 
Testing < ...)
+       TODO: check
+CVE-2026-54843 (Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.)
+       TODO: check
+CVE-2026-54842 (Missing Authorization vulnerability in Royal Plugins Royal MCP 
allows  ...)
+       TODO: check
+CVE-2026-54841 (Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 
versions.)
+       TODO: check
+CVE-2026-54838 (Subscriber SQL Injection in WC Vendors Marketplace <= 2.6.8 
versions.)
+       TODO: check
+CVE-2026-54836 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-54830 (Unauthenticated Broken Access Control in Five Star Restaurant 
Reservat ...)
+       TODO: check
+CVE-2026-54829 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-54828 (Unauthenticated Broken Access Control in Motors <= 1.4.109 
versions.)
+       TODO: check
+CVE-2026-54823 (Contributor Remote Code Execution (RCE) in Widget Options <= 
4.2.3 ver ...)
+       TODO: check
+CVE-2026-54822 (Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 
versions.)
+       TODO: check
+CVE-2026-54821 (Subscriber Sensitive Data Exposure in Visual Link Preview <= 
2.3.1 ver ...)
+       TODO: check
+CVE-2026-54679 (jq is a command-line JSON processor. Prior to 1.8.2, on 32bit 
system,  ...)
+       TODO: check
+CVE-2026-54573 (Outline is a service that allows for collaborative 
documentation. Prio ...)
+       TODO: check
+CVE-2026-54448 (Trivy is a security scanner. Prior to 0.71.0, when Trivy scans 
a Helm  ...)
+       TODO: check
+CVE-2026-54250 (K3s is a fully conformant production-ready Kubernetes 
distribution. Pr ...)
+       TODO: check
+CVE-2026-54097 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54096 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54094 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54093 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54092 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54091 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54090 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54089 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54088 (File Browser is a file managing interface for uploading, 
deleting, pre ...)
+       TODO: check
+CVE-2026-54040 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54037 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54036 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54033 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54030 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54029 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54027 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54025 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-54024 (LibreChat is an enhanced ChatGPT clone that supports multiple 
AI provi ...)
+       TODO: check
+CVE-2026-53925 (Glances is an open-source system cross-platform monitoring 
tool. From  ...)
+       TODO: check
+CVE-2026-50573 (pnpm is a package manager. Prior to 10.34.0 and 11.4.0, `pnpm 
install` ...)
+       TODO: check
+CVE-2026-50549 (Cursor is a code editor built for programming with AI. Prior 
to 3.0, C ...)
+       TODO: check
+CVE-2026-50548 (Cursor is a code editor built for programming with AI. Prior 
to 3.0, C ...)
+       TODO: check
+CVE-2026-50021 (pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's 
tarball ...)
+       TODO: check
+CVE-2026-50017 (pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm 
can send  ...)
+       TODO: check
+CVE-2026-50016 (pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm 
allows a  ...)
+       TODO: check
+CVE-2026-50015 (pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's 
patch a ...)
+       TODO: check
+CVE-2026-50014 (pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm 
passes th ...)
+       TODO: check
+CVE-2026-4930 (SYMCRYPTO is the SiXG301's host side hardware engine accessed 
by PSA c ...)
+       TODO: check
+CVE-2026-4526 (In EmberZNet v9.0.2 and earlier, malformed global ZCL messages 
can tri ...)
+       TODO: check
+CVE-2026-4522 (Missing authentication for critical function vulnerability in 
HYPR Pas ...)
+       TODO: check
+CVE-2026-49506 (Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, 
contain an  ...)
+       TODO: check
+CVE-2026-49319 (Remote Keyless Entry System (RKES), using the 433 MHz key fob 
bearing  ...)
+       TODO: check
+CVE-2026-48995 (pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a 
malicious co ...)
+       TODO: check
+CVE-2026-48946 (The K2 frontend article-attachment upload path accepts files 
whose ext ...)
+       TODO: check
+CVE-2026-48945 (The K2 article gallery upload path accepts a zip/tar archive, 
extracts ...)
+       TODO: check
+CVE-2026-48944 (The K2 frontend article-save handler accepts an 
`attachment[N][existin ...)
+       TODO: check
+CVE-2026-48943 (K2 \u2264 2.24 contains a mass-assignment defect in the K2 
system user ...)
+       TODO: check
+CVE-2026-48942 (K2 \u2264 2.26 renders the `#__k2_users.image` column directly 
into HT ...)
+       TODO: check
+CVE-2026-48941 (The K2 frontend `item.checkin` task accepts an unauthenticated 
`sigPro ...)
+       TODO: check
+CVE-2026-48940 (A Joomla user with K2 "create item" rights (Author tier by 
default) ca ...)
+       TODO: check
+CVE-2026-47154 (In EmberZNet v9.0.2 and earlier, a malformed 
GetProfileResponse messag ...)
+       TODO: check
+CVE-2026-47153 (In EmberZNet v9.0.2 and earlier, a malformed Level Control 
Step comman ...)
+       TODO: check
+CVE-2026-47152 (In EmberZNet v9.0.2 and earlier, a malformed Level Control 
Move comman ...)
+       TODO: check
+CVE-2026-47151 (In EmberZNet v9.0.2 and earlier, malformed 
ClearWeekdaySchedule messag ...)
+       TODO: check
+CVE-2026-47150 (In EmberZNet v9.0.2 and earlier, malformed IAS Zone enrollment 
message ...)
+       TODO: check
+CVE-2026-47149 (In EmberZNet v9.0.2 and earlier, malformed or out-of-range 
Door Lock u ...)
+       TODO: check
+CVE-2026-47148 (In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership 
commands ...)
+       TODO: check
+CVE-2026-47147 (In EmberZNet v9.0.2 and earlier, malformed OTA requests can 
drive the  ...)
+       TODO: check
+CVE-2026-47146 (In EmberZNet v9.0.2 and earlier, malformed Color Control 
messages can  ...)
+       TODO: check
+CVE-2026-47145 (In EmberZNet v9.0.2 and earlier, malformed Color Control 
messages can  ...)
+       TODO: check
+CVE-2026-46735 (Dell Display and Peripheral Manager (DDPM Mac), versions prior 
to 2.3, ...)
+       TODO: check
+CVE-2026-46734 (Dell Display and Peripheral Manager (DDPM Mac), versions prior 
to 2.3, ...)
+       TODO: check
+CVE-2026-46733 (Dell Display and Peripheral Manager (DDPM Windows), versions 
prior to  ...)
+       TODO: check
+CVE-2026-46732 (Dell Display and Peripheral Manager (DDPM Mac), versions prior 
to 2.3, ...)
+       TODO: check
+CVE-2026-46611 (Glances is an open-source system cross-platform monitoring 
tool. Prior ...)
+       TODO: check
+CVE-2026-46608 (Glances is an open-source system cross-platform monitoring 
tool. Prior ...)
+       TODO: check
+CVE-2026-46607 (Glances is an open-source system cross-platform monitoring 
tool. Prior ...)
+       TODO: check
+CVE-2026-46606 (Glances is an open-source system cross-platform monitoring 
tool. Prior ...)
+       TODO: check
+CVE-2026-45233 (HTMLy CMS through 3.1.1 contains a path traversal 
vulnerability that a ...)
+       TODO: check
+CVE-2026-41120 (Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, 
contain an  ...)
+       TODO: check
+CVE-2026-2815 (Incorrect use of the PUF key for user key generation in 
EFR32xG27 resu ...)
+       TODO: check
+CVE-2026-28898 (swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate 
pseudo-hea ...)
+       TODO: check
+CVE-2026-27366 (Unauthenticated Broken Access Control in MainWP Child <= 6.1.1 
version ...)
+       TODO: check
+CVE-2026-13351 (Zephyr's IPv6 network stack can be prevented from receiving or 
process ...)
+       TODO: check
+CVE-2026-13350 (Permissions where checked incorrectly during room creation, 
allowing a ...)
+       TODO: check
+CVE-2026-13314 (Malicious HTML content could be injected into the content 
rendered by  ...)
+       TODO: check
+CVE-2026-13225 (Malicious HTML content could be injected into the email 
address of an  ...)
+       TODO: check
+CVE-2026-13223 (Our payment integration with Computop-based payment methods 
did not  p ...)
+       TODO: check
+CVE-2026-13222 (Our payment integration with Oppwa-based payment methods did 
not  prop ...)
+       TODO: check
+CVE-2026-12937 (The Tourfic \u2013 AI Powered Travel Booking, Hotel Booking & 
Car Rent ...)
+       TODO: check
+CVE-2026-12921 (In AzeoTech DAQFactory versions 21.1 and prior, a Use After 
Free vulne ...)
+       TODO: check
+CVE-2026-12897 (Horner Automation Cscape versions prior to 10.2 SP3 are 
vulnerable to  ...)
+       TODO: check
+CVE-2026-12755 (Improper input validation in the PAM AD discovery endpoints in 
 Devolu ...)
+       TODO: check
+CVE-2026-11999 (X.509 trust-chain bypass (path-depth exhaustion) in the 
OpenSSL compat ...)
+       TODO: check
+CVE-2026-12844 (List::SomeUtils::XS versions before 0.59 for Perl have a heap 
buffer o ...)
        - liblist-someutils-xs-perl 0.59-1
        NOTE: https://www.openwall.com/lists/oss-security/2026/06/25/11
        NOTE: Fixed by: 
https://github.com/houseabsolute/List-SomeUtils-XS/commit/22549f78669b780d6aa338a2d2e49a3dedfffaa6
 (v0.59)
-CVE-2026-40211
+CVE-2026-40211 (An attacker can send crafted DNS over HTTP/3 queries, 
triggering an ex ...)
        - dnsdist <unfixed>
        [bookworm] - dnsdist <end-of-life> (See #1119290)
        [bullseye] - dnsdist <end-of-life> (see #1119290)
        NOTE: 
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40211-denial-of-service-via-crafted-doh3-queries
-CVE-2026-40210
+CVE-2026-40210 (An out-of-bounds read might happen when SetMacAddrAction is 
used, pote ...)
        - dnsdist <unfixed>
        [bookworm] - dnsdist <end-of-life> (See #1119290)
        [bullseye] - dnsdist <end-of-life> (see #1119290)
        NOTE: 
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40210-out-of-bounds-read-in-setmacaddraction
-CVE-2026-40209
+CVE-2026-40209 (An attacker might be able to cause outgoing TCP connections to 
backend ...)
        - dnsdist <unfixed>
        [bookworm] - dnsdist <end-of-life> (See #1119290)
        [bullseye] - dnsdist <end-of-life> (see #1119290)
        NOTE: 
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40209-denial-of-service-via-ixfr-queries
-CVE-2026-40208
+CVE-2026-40208 (An attacker might be able to delay the processing of DoH3 
queries by s ...)
        - dnsdist <unfixed>
        [bookworm] - dnsdist <end-of-life> (See #1119290)
        [bullseye] - dnsdist <end-of-life> (see #1119290)
        NOTE: 
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40208-denial-of-service-via-doh3-queries
-CVE-2026-42004
+CVE-2026-42004 (An attacker can send a crafted EDNS OPT record that will be 
ignored by ...)
        - dnsdist <unfixed>
        [bookworm] - dnsdist <end-of-life> (See #1119290)
        [bullseye] - dnsdist <end-of-life> (see #1119290)
        NOTE: 
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-42004-edns-options-smuggling
-CVE-2026-40011
+CVE-2026-40011 (An attacker sending a large number of crafted DNS queries 
might be abl ...)
        - dnsdist <unfixed>
        [bookworm] - dnsdist <end-of-life> (See #1119290)
        [bullseye] - dnsdist <end-of-life> (see #1119290)
        NOTE: 
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40011-prometheus-denial-of-service-via-crafted-dns-queries
-CVE-2026-52690
+CVE-2026-52690 (Spoofing replies to Recursor might mark an IP of an 
authoritative serv ...)
        - pdns-recursor <unfixed>
        [bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
        [bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-52690-spoofed-answers-can-mark-an-authoritative-non-edns-capable
-CVE-2026-42387
+CVE-2026-42387 (A malicious authoritative server can send a crafted zone via 
the ZoneT ...)
        - pdns-recursor <unfixed>
        [bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
        [bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-42387-insufficient-input-validation-in-zonetocache
-CVE-2026-42388
+CVE-2026-42388 (Incomplete validation of the SOA record present in a catalog 
zone migh ...)
        - pdns-recursor <unfixed>
        [bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
        [bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-42388-missing-input-validation-for-catalog-zones
-CVE-2026-42389
+CVE-2026-42389 (This fix provides extra hardening for the 5.4.x branch by 
doing extra  ...)
        - pdns-recursor <unfixed>
        [trixie] - pdns-recursor <not-affected> (Vulnerable code not present, 
only affects 5.4.x)
        [bookworm] - pdns-recursor <not-affected> (Vulnerable code not present, 
only affects 5.4.x)
        [bullseye] - pdns-recursor <not-affected> (Vulnerable code not present, 
only affects 5.4.x)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-42389-reject-more-queries-with-invalid-header-values
-CVE-2026-42390
+CVE-2026-42390 (An invalid zone might pass ZONEMD validation while it should 
not. This ...)
        - pdns-recursor <unfixed>
        [bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
        [bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-42390-zonemd-validation-can-be-bypassed
-CVE-2026-42005
+CVE-2026-42005 (An attacker can send a web request that causes unlimited 
memory  alloc ...)
        - pdns-recursor 5.3.0-1
        [bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
        [bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
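
Review bot: The descriptions added for CVE-2026-48943 and CVE-2026-48942 ("K2 \u2264 2.24", "K2 \u2264 2.26") and for CVE-2026-12937 ("The Tourfic \u2013 AI Powered ...") carry literal \uXXXX escape sequences instead of the characters they encode, so the version bound reads as an escape code rather than "≤". The generator should decode these escapes before writing the description into data/CVE/list. Separately, every new entry in this hunk lands as "TODO: check", including ones whose descriptions name Vim, socat, jq and Nokogiri; each still needs a package line or a NOT-FOR-US marking in a follow-up triage commit.
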
@@ -73,715 +437,715 @@ CVE-2026-42005
        NOTE: 
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-07.html
        NOTE: 
https://github.com/PowerDNS/pdns/commit/11e4f2da8259e5070e7a193f48d23ade38b71dc0
        NOTE: 
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-42005-insufficient-input-validation-of-internal-web-server
-CVE-2026-40012
+CVE-2026-40012 (ECS zero scoped answers are stored in the packet cache while 
they shou ...)
        - pdns-recursor <unfixed>
        [bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
        [bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-40012-information-about-ecs-zero-scoped-answers-might-leak-to-clients-that-use-a-specific-ecs
-CVE-2026-33612
+CVE-2026-33612 (A malicious authoritative server can send a crafted zone via 
the ZoneT ...)
        - pdns-recursor <unfixed>
        [bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
        [bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
        NOTE: 
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-3361-zonetocache-can-poison-the-cache
-CVE-2026-53276 [Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer]
+CVE-2026-53276 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f50331f2a1441ec49988832c3a95f2edacc47322 (7.1-rc7)
-CVE-2026-53271 [ksmbd: fix NULL-deref of opinfo->conn in oplock/lease break 
notifiers]
+CVE-2026-53271 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/b003086d76968298f22e7cf62239833b5a3a06b1 (7.1-rc7)
-CVE-2026-53261 [devlink: Release nested relation on devlink free]
+CVE-2026-53261 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/3522b21fd7e1863d0734537737bd59f1b90d0190 (7.1-rc7)
-CVE-2026-53259 [ipv6: anycast: insert aca into global hash under idev->lock]
+CVE-2026-53259 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f723ccaff2fb72b71ae8a9fd283f0dee4d9ae7a3 (7.1-rc7)
-CVE-2026-53251 [Bluetooth: ISO: Fix not releasing hdev reference on 
iso_conn_big_sync]
+CVE-2026-53251 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/5cbf290b79351971f20c7a533247e8d58a3f970c (7.1-rc7)
-CVE-2026-53248 [net: airoha: Fix use-after-free in metadata dst teardown]
+CVE-2026-53248 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/b38cae85d1c45ff189d7ecb6ac36f41cdc3d84d0 (7.1-rc7)
-CVE-2026-53247 [net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst 
teardown]
+CVE-2026-53247 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/80df409e1a483676826a6c66e693dba6ac507751 (7.1-rc7)
-CVE-2026-53244 [VFS: fix possible failure to unlock in nfsd4_create_file()]
+CVE-2026-53244 (In the Linux kernel, the following vulnerability has been 
resolved:  V ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/e824bbd4d224cce4b5fb59cc9dcd3447fe0b7e44 (7.1-rc7)
-CVE-2026-53243 [rseq: Fix using an uninitialized stack variable in 
rseq_exit_user_update()]
+CVE-2026-53243 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/6d99479799c69c3cb588fcda19c81d8f61d64ecd (7.1-rc7)
-CVE-2026-53241 [ALSA: seq: dummy: fix UMP event stack overread]
+CVE-2026-53241 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/2b5ff4db5d7aa5b981d966df02e687f79ad7b311 (7.1-rc7)
-CVE-2026-53240 [xfrm: iptfs: fix use-after-free on first_skb in 
__input_process_payload]
+CVE-2026-53240 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/eb48730bb827d1550401a5d391903f9d90b493c8 (7.1)
-CVE-2026-53235 [net: add pskb_may_pull() to skb_gro_receive_list()]
+CVE-2026-53235 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f2bb3434544454099a5b6dec213567267b05d79d (7.1)
-CVE-2026-53234 [net: ibm: emac: Fix use-after-free during device removal]
+CVE-2026-53234 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/a0130d682222ae21afc395aead7cd2d87e1a8358 (7.1)
-CVE-2026-53233 [netdev: fix double-free in netdev_nl_bind_rx_doit()]
+CVE-2026-53233 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c849de7d8757a7af801fc4a4058f71d481d367f2 (7.1)
-CVE-2026-53231 [net: phy: don't try to setup PHY-driven SFP cages when using 
genphy]
+CVE-2026-53231 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/5a0082ec20a05ef2378410323a5089a8f1786f4a (7.1)
-CVE-2026-53214 [ipv6: Fix a potential NPD in cleanup_prefix_route()]
+CVE-2026-53214 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/b70c687b7cf267fb08586667a3946c8851cad672 (7.1)
-CVE-2026-53211 [netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR 
register]
+CVE-2026-53211 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c7d573551f9286100a055ef696cde6af54549677 (7.1)
-CVE-2026-53210 [tee: shm: fix shm leak in register_shm_helper()]
+CVE-2026-53210 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/26682f5efc276e3ad96d102019472bfbf03833b2 (7.1-rc7)
-CVE-2026-53206 [accel/ivpu: Add bounds check for firmware runtime memory]
+CVE-2026-53206 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1d0b597facdd3c0239c88e8797c1014e1ea0ef15 (7.1-rc7)
-CVE-2026-53205 [accel/ivpu: Add bounds checks for firmware log indices]
+CVE-2026-53205 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/dd1311bcf0e62f0c515115f46a3813370f4a4bb1 (7.1-rc7)
-CVE-2026-53204 [firmware: stratix10-rsu: Fix NULL deref on rsu_send_msg() 
timeout in probe]
+CVE-2026-53204 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/bfd2eb9bba548a8f63c3339bb1fb9a2031a42d86 (7.1)
-CVE-2026-53203 [accel/ivpu: Add buffer overflow check in MS get_info_ioctl]
+CVE-2026-53203 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/fb176425837693f50c5c9fc8db6fbb04af22bd0a (7.1-rc7)
-CVE-2026-53202 [accel/ivpu: Fix signed integer truncation in IPC receive]
+CVE-2026-53202 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d9faef564438d1e4579c692c046603e7ada7bdf4 (7.1)
-CVE-2026-53201 [Revert "drm/xe: Skip exec queue schedule toggle if queue is 
idle during suspend"]
+CVE-2026-53201 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/fa7c84726dc217ce0c183926ef9411636c7a2213 (7.1-rc7)
-CVE-2026-53200 [KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX]
+CVE-2026-53200 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/49b32ddb87a3a109afecea89e55d70f73956b8bc (7.1-rc7)
-CVE-2026-53197 [xfrm: iptfs: fix ABBA deadlock in iptfs_destroy_state()]
+CVE-2026-53197 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c8a8a75b733467b00c08b91a38dbaf207a08ed6e (7.1)
-CVE-2026-53193 [ALSA: timer: Forcibly close timer instances at closing]
+CVE-2026-53193 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/da3039e91d1f835874ed6e9a33ea19ee80c2cb92 (7.1)
-CVE-2026-53191 [io_uring/net: inherit IORING_CQE_F_BUF_MORE across bundle recv 
retries]
+CVE-2026-53191 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ed46f39c47eb5530a9c161481a2080d3a869cfaf (7.1-rc7)
-CVE-2026-53190 [drm/virtio: fix dma_fence refcount leak on error in 
virtio_gpu_dma_fence_wait()]
+CVE-2026-53190 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/3f26bb732cc136ab20176697c92f32c9c84cb125 (7.1)
-CVE-2026-53188 [RDMA/core: Validate the passed in fops for ib_get_ucaps()]
+CVE-2026-53188 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/4a1b1ac2744694a2ecd66a84bdb1445f4ef24bee (7.1)
-CVE-2026-53187 [RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc]
+CVE-2026-53187 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/323c98a4ff06aa28114f2bf658fb43eb3b536bbc (7.1)
-CVE-2026-53180 [timers/migration: Fix livelock in tmigr_handle_remote_up()]
+CVE-2026-53180 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d486b4934a8e504376b85cdb3766f306d57aff5b (7.1-rc7)
-CVE-2026-53175 [inet: frags: fix use-after-free caused by the fqdir_pre_exit() 
flush]
+CVE-2026-53175 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/32594b09854970d7ba83eb2dc8c69a2edd158c8e (7.1)
-CVE-2026-53174 [ovl: keep err zero after successful ovl_cache_get()]
+CVE-2026-53174 (In the Linux kernel, the following vulnerability has been 
resolved:  o ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1711b6ed6953cee5940ca4c3a6e77f1b3798cee2 (7.1-rc7)
-CVE-2026-53173 [accel/ethosu: fix OOB write in 
ethosu_gem_cmdstream_copy_and_validate()]
+CVE-2026-53173 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c0837b9cf6eabbad8b8cbddaff1a46a6d0a2e29d (7.1-rc7)
-CVE-2026-53172 [accel/ethosu: fix IFM region index out-of-bounds in command 
stream parser]
+CVE-2026-53172 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/00f547e0dfecf83014fb32bcba587c6b684c1362 (7.1-rc7)
-CVE-2026-53171 [accel/ethosu: fix arithmetic issues in dma_length()]
+CVE-2026-53171 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ee6d9b6e51626f259c6f0e38d94f91be4fd14754 (7.1-rc7)
-CVE-2026-53170 [accel/ethosu: reject DMA commands with uninitialized length]
+CVE-2026-53170 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d9d021218162b6c4fe0bdf42b2b340f1aae23a12 (7.1-rc7)
-CVE-2026-53169 [accel/ethosu: reject NPU_OP_RESIZE commands from userspace]
+CVE-2026-53169 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ef911805d86a05363d3ec2fa9835a41def83bb7e (7.1-rc7)
-CVE-2026-53165 [iomap: avoid potential null folio->mapping deref during error 
reporting]
+CVE-2026-53165 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/2eea7f44b9c8b42fd7d3a1a87c06a7cd1b99c327 (7.1-rc7)
-CVE-2026-53164 [iommu/dma: Do not try to iommu_map a 0 length region in 
swiotlb]
+CVE-2026-53164 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/6ec91df8aff77e2e8fe3179c1f3fc15b43a40ba3 (7.1)
-CVE-2026-53162 [memcg: use round-robin victim selection in refill_stock]
+CVE-2026-53162 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/c0cafe24d3f6534294c4b2bc2d47734ff7cbd313 (7.1-rc7)
-CVE-2026-53155 [mm/huge_memory: use correct flags for device private PMD entry]
+CVE-2026-53155 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/43e7f189769c512c843184a8a5892ac779a6bd90 (7.1)
-CVE-2026-53154 [mm/hugetlb: restore reservation on error in hugetlb folio copy 
paths]
+CVE-2026-53154 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/40c81856e622a9dc59294a90d169ac07ea25b0b0 (7.1-rc7)
-CVE-2026-53153 [mm/list_lru: drain before clearing xarray entry on reparent]
+CVE-2026-53153 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/98733f3f0becb1ae0701d021c1748e974e5fa55c (7.1)
-CVE-2026-53152 [mmc: dw_mmc-rockchip: Add missing private data for very old 
controllers]
+CVE-2026-53152 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1e9a4850afa0ceb63984fb1a9f3e86d0fc4fd18f (7.1-rc7)
-CVE-2026-53145 [drm/gem: Try to fix change_handle ioctl, attempt 4]
+CVE-2026-53145 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1a4f03d22fb655e5f192244fb2c87d8066fcfca2 (7.1-rc7)
-CVE-2026-53144 [drm/amdkfd: fix NULL dereference in get_queue_ids()]
+CVE-2026-53144 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/2bd550b547deabef98bd3b017ff743b7c34d3a6d (7.1-rc7)
-CVE-2026-53141 [drm/v3d: Fix global performance monitor reference counting]
+CVE-2026-53141 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/6bf7e2affc6e62da7add393d7f352d4040f5bc27 (7.1-rc7)
-CVE-2026-53140 [drm/v3d: Fix vaddr leak when indirect CSD has zeroed 
workgroups]
+CVE-2026-53140 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/ae7676952790f421c40918e2586a2c9f12a682b6 (7.1-rc7)
-CVE-2026-53277 [KVM: arm64: Take the SRCU lock for page table walks in fault 
injection and AT emulation]
+CVE-2026-53277 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
        - linux 7.0.13-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/f2ca45b50d4216c9cc7ffabf50d9ad1932209251 (7.1-rc7)
-CVE-2026-53275 [ipv6: mcast: Fix use-after-free when processing MLD queries]
+CVE-2026-53275 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/791c91dc7a9dfb2457d5e29b8216a6484b9c4b40 (7.1-rc7)
-CVE-2026-53274 [net/smc: fix sleep-inside-lock in __smc_setsockopt() causing 
local DoS]
+CVE-2026-53274 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/a3fdd924d88c30b9f488636ce0e4696012cf5511 (7.1-rc4)
-CVE-2026-53273 [tee: optee: prevent use-after-free when the client exits 
before the supplicant]
+CVE-2026-53273 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/387a926ee166814611acecb960207fe2f3c4fd3e (7.1-rc7)
-CVE-2026-53272 [erofs: fix use-after-free on sbi->sync_decompress]
+CVE-2026-53272 (In the Linux kernel, the following vulnerability has been 
resolved:  e ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1aee05e814d292064bf5fa15733741040cdc48ba (7.1-rc7)
-CVE-2026-53270 [ipvs: clear the svc scheduler ptr early on edit]
+CVE-2026-53270 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/193989cc6d80dd8e0460fb3992e69fa03bf0ff9b (7.1-rc7)
-CVE-2026-53269 [netfilter: synproxy: add mutex to guard hook reference 
counting]
+CVE-2026-53269 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/2fcba19caaeb2a33017459d3430f057967bb91b6 (7.1-rc7)
-CVE-2026-53268 [netfilter: conntrack_irc: fix possible out-of-bounds read]
+CVE-2026-53268 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/66eba0ffce3b7e11449946b4cbbef8ea36112f56 (7.1-rc7)
-CVE-2026-53267 [netfilter: nft_ct: bail out on template ct in get eval]
+CVE-2026-53267 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/3027ecbdb5fdf9200251c21d4818e4c447ef78e1 (7.1-rc7)
-CVE-2026-53266 [netfilter: bridge: make ebt_snat ARP rewrite writable]
+CVE-2026-53266 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/67ba971ae02514d85818fe0c32549ab4bfa3bf49 (7.1-rc7)
-CVE-2026-53265 [dm cache policy smq: check allocation under invalidate lock]
+CVE-2026-53265 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d3f0a606b9f278ece8a0df626ded9c4044071235 (7.1-rc7)
-CVE-2026-53264 [net/sched: act_api: use RCU with deferred freeing for action 
lifecycle]
+CVE-2026-53264 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/5057e1aca011e51ef51498c940ef96f3d3e8a305 (7.1-rc7)
-CVE-2026-53263 [6lowpan: fix off-by-one in multicast context address 
compression]
+CVE-2026-53263 (In the Linux kernel, the following vulnerability has been 
resolved:  6 ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/2a58899d11009bffc7b4b32a571858f381121837 (7.1-rc7)
-CVE-2026-53262 [l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()]
+CVE-2026-53262 (In the Linux kernel, the following vulnerability has been 
resolved:  l ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/a213a8950414c684999dcf03edeea6c46ede172e (7.1-rc7)
-CVE-2026-53260 [tcp: Add preempt_{disable,enable}_nested() in 
reqsk_queue_hash_req().]
+CVE-2026-53260 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/e10902df24488ca722303133acfc82490f7d59ad (7.1-rc7)
-CVE-2026-53258 [wifi: fix leak if split 6 GHz scanning fails]
+CVE-2026-53258 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
        - linux 7.0.13-1
        NOTE: 
https://git.kernel.org/linus/e8694f7cc29287e843648d1075177b9a2000d957 (7.1-rc7)
-CVE-2026-53257 [wifi: cfg80211: enforce HE/EHT cap/oper consistency]
+CVE-2026-53257 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/cb9959ab5f99611d27a06586add84811fe8102dc (7.1-rc7)
-CVE-2026-53256 [Bluetooth: RFCOMM: hold listener socket in 
rfcomm_connect_ind()]
+CVE-2026-53256 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/43c441edacf953b39517a44f5e5e10a93618b226 (7.1-rc7)
-CVE-2026-53255 [Bluetooth: MGMT: validate advertising TLV before type checks]
+CVE-2026-53255 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/de23fb62259aa01d294f77238ae3b835eb674413 (7.1-rc7)
-CVE-2026-53254 [Bluetooth: RFCOMM: validate skb length in MCC handlers]
+CVE-2026-53254 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/23882b828c3c8c51d0c946446a396b10abb3b16b (7.1-rc7)
-CVE-2026-53253 [Bluetooth: bnep: reject short frames before parsing]
+CVE-2026-53253 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/6770d3a8acdf9151769180cc3710346c4cfbe6f0 (7.1-rc7)
-CVE-2026-53252 [Bluetooth: fix memory leak in error path of hci_alloc_dev()]
+CVE-2026-53252 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/37b3009bf5976e8ab77c8b9a9bc3bbd7ff49e37f (7.1-rc7)
-CVE-2026-53250 [xsk: cache csum_start/csum_offset to fix TOCTOU in 
xsk_skb_metadata()]
+CVE-2026-53250 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
        - linux 7.0.13-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/22ba97ea9cc1f63a0d0244fae38057ed452b6ac7 (7.1-rc7)
-CVE-2026-53249 [ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options]
+CVE-2026-53249 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/d3915a1f5a4bc0ac911032903c3c6ab8df9fcc7c (7.1-rc7)
-CVE-2026-53246 [sctp: validate cached peer INIT chunk length in COOKIE_ECHO 
processing]
+CVE-2026-53246 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 7.0.13-1
        NOTE: 
https://git.kernel.org/linus/0861615c28de668669d748ef4eb913ea9262d13b (7.1-rc7)
-CVE-2026-53245 [net/802/mrp: fix vector attribute parsing in 
mrp_pdu_parse_vecattr]
+CVE-2026-53245 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/7561c7fbc694308da73300f036719e63e42bf0b4 (7.1-rc7)
-CVE-2026-53242 [ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() 
on linked streams]
+CVE-2026-53242 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/88fe2e3658726cb21ff2dcf9770bf672f9b9d31b (7.1-rc7)
-CVE-2026-53239 [xfrm: policy: fix use-after-free on inexact bin in 
xfrm_policy_bysel_ctx()]
+CVE-2026-53239 (In the Linux kernel, the following vulnerability has been 
resolved:  x ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/7f2d76c9c03257c0782afef9d95321fa04096f60 (7.1)
-CVE-2026-53238 [netlabel: validate unlabeled address and mask attribute 
lengths]
+CVE-2026-53238 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/9772589b57e44aedc240211c5c3f7a684a034d3a (7.1)
-CVE-2026-53237 [gpio: mvebu: fix NULL pointer dereference in suspend/resume]
+CVE-2026-53237 (In the Linux kernel, the following vulnerability has been 
resolved:  g ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/b9ad50d7505ebd48282ec3630258dc820fc85c81 (7.1)
-CVE-2026-53236 [tcp: restrict SO_ATTACH_FILTER to priv users]
+CVE-2026-53236 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/5d39580f68e6ddeedd15e587282207489dfb3da2 (7.1)
-CVE-2026-53232 [net: phy: clean the sfp upstream if phy probing fails]
+CVE-2026-53232 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/48774e87bbaa0056819d4b52301e4692e50e3252 (7.1)
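Review bot: CVE-2026-53232 is left at "- linux <unfixed>" with no [trixie], [bookworm] or [bullseye] lines, while the entries around it whose NOTE is also tagged (7.1), such as CVE-2026-53231 and CVE-2026-53230, are recorded as fixed in 7.0.13-1. This update only swaps the bracketed title "[net: phy: clean the sfp upstream if phy probing fails]" for the truncated description, so the status line is carried over untriaged. Please confirm whether the fix is really absent from 7.0.13-1 or the version was never filled in, and add the per-release status. With the title gone and the description cut to "n ...", the commit URL in the NOTE is the only remaining pointer to what the fix is.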
-CVE-2026-53230 [net/mlx5: Fix slab-out-of-bounds in 
mlx5_query_nic_vport_mac_list]
+CVE-2026-53230 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/894e036a24a26a6dd7b17d8d3fb5c53ab48a6074 (7.1)
-CVE-2026-53229 [net/mlx5e: xsk: Fix DMA and xdp_frame leak on XDP_TX xmit 
failure]
+CVE-2026-53229 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/b69004f5a6ad32da84d8aa5b23b9c0caafe6252e (7.1)
-CVE-2026-53228 [ipv6: sit: reload inner IPv6 header after GSO offloads]
+CVE-2026-53228 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/f0e42f0c4337b1f220de1ddd63f47197c7dee4de (7.1)
-CVE-2026-53227 [net: openvswitch: fix possible kfree_skb of ERR_PTR]
+CVE-2026-53227 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/ee30dd2909d8b98619f4341c70ec8dc8e155ab02 (7.1)
-CVE-2026-53226 [gpio: rockchip: fix generic IRQ chip leak on remove]
+CVE-2026-53226 (In the Linux kernel, the following vulnerability has been 
resolved:  g ...)
        - linux 7.0.13-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/1c1e0fc88d6ef65bf15d517853251f75ab9d18c3 (7.1)
-CVE-2026-53225 [sctp: fix uninit-value in __sctp_rcv_asconf_lookup()]
+CVE-2026-53225 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/f8373d7090b745728de66308deeecc67e8d319ce (7.1)
-CVE-2026-53224 [sctp: validate embedded INIT chunk and address list lengths in 
cookie]
+CVE-2026-53224 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 7.0.13-1
        NOTE: 
https://git.kernel.org/linus/6f4c80a2a7e6d06753b89a578b710a2499a5e62b (7.1)
-CVE-2026-53223 [net: guard timestamp cmsgs to real error queue skbs]
+CVE-2026-53223 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/1ee90b77b727df903033db873c75caac5c27ec98 (7.1)
-CVE-2026-53222 [ptp: ocp: fix resource freeing order]
+CVE-2026-53222 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 7.0.13-1
        [trixie] - linux <not-affected> (Vulnerable code not present)
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/627366c51145a07f675b1800fb5ea2ec960bd900 (7.1)
-CVE-2026-53221 [ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()]
+CVE-2026-53221 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/a5c0359f5cbc51a2e2b114d6041e0f3c73f903e9 (7.1)
-CVE-2026-53220 [netfilter: revalidate bridge ports]
+CVE-2026-53220 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/ccb9fd4b87538ccf19ccff78ee26700526d94867 (7.1)
-CVE-2026-53219 [netfilter: x_tables: avoid leaking percpu counter pointers]
+CVE-2026-53219 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/f7f2fbb0e893a0238dc464f8d8c0f5609bec584f (7.1)
-CVE-2026-53218 [netfilter: nft_exthdr: fix register tracking for F_PRESENT 
flag]
+CVE-2026-53218 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/772cecf198da732faebb5dcfc46d66a505be8495 (7.1)
-CVE-2026-53217 [net: mvpp2: sync RX data at the hardware packet offset]
+CVE-2026-53217 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/180235600934bef6add3be637c296d6cf3272e67 (7.1)
-CVE-2026-53216 [net: mvpp2: limit XDP frame size to the RX buffer]
+CVE-2026-53216 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/f3c6aa078927e6fe8121c9c591ddee8716c5305a (7.1)
-CVE-2026-53215 [net: mvpp2: refill RX buffers before XDP or skb use]
+CVE-2026-53215 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/5e8e2a9624df72fca7c736b2966b2cbf6c9c3ff6 (7.1)
-CVE-2026-53213 [drm/vc4: fix krealloc() memory leak]
+CVE-2026-53213 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/5d563a5da8717629ae72f9eadf1e0e340bd1658b (7.1)
-CVE-2026-53212 [netfilter: nft_tunnel: fix use-after-free on object destroy]
+CVE-2026-53212 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/c32b26aaa2f9216520a38b3f4bfeec846eb3eb8a (7.1-rc7)
-CVE-2026-53209 [Bluetooth: hci_sync: reject oversized Broadcast Announcement 
prepend]
+CVE-2026-53209 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/5c65b96b549ea2dcfde497436bf9e048deb87758 (7.1-rc7)
-CVE-2026-53208 [Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig]
+CVE-2026-53208 (In the Linux kernel, the following vulnerability has been 
resolved:  B ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/dd214733544427587a95f66dbf3adff072568990 (7.1-rc7)
-CVE-2026-53207 [mm/memory-failure: fix hugetlb_lock AA deadlock in 
get_huge_page_for_hwpoison]
+CVE-2026-53207 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/3c2d42b8ee345b17a4ba56b0f6492d1ff4c1178e (7.1-rc7)
-CVE-2026-53199 [hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf]
+CVE-2026-53199 (In the Linux kernel, the following vulnerability has been 
resolved:  h ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/004e9ecfe6c5384f9e0b2f6f6389d42ec22789af (7.1)
-CVE-2026-53198 [ksmbd: fix use-after-free of a deferred file_lock on double 
SMB2_CANCEL]
+CVE-2026-53198 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/f580d27e8928828693df44ba2db0fffdbe11dfea (7.1-rc7)
-CVE-2026-53196 [USB: serial: io_ti: fix heap overflow in get_manuf_info()]
+CVE-2026-53196 (In the Linux kernel, the following vulnerability has been 
resolved:  U ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/183c1076eca43bbb3e7bdf597456f91d81c73e74 (7.1)
-CVE-2026-53195 [USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr()]
+CVE-2026-53195 (In the Linux kernel, the following vulnerability has been 
resolved:  U ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/0fd2b00b2d3d05e3eaa13342b3dfb0fa85c226ae (7.1)
-CVE-2026-53194 [USB: serial: kl5kusb105: fix bulk-out buffer overflow]
+CVE-2026-53194 (In the Linux kernel, the following vulnerability has been 
resolved:  U ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/96d47e40bf9db4a9efd5c8fb53287a508d165f14 (7.1)
-CVE-2026-53192 [ALSA: timer: Fix UAF at snd_timer_user_params()]
+CVE-2026-53192 (In the Linux kernel, the following vulnerability has been 
resolved:  A ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/053a401b592be424fea9d57c789f66cd5d8cec11 (7.1)
-CVE-2026-53189 [mm/huge_memory: update file PMD counter before folio_put()]
+CVE-2026-53189 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/8d878059924f12c1bc24556a92ec56add74de3c8 (7.1-rc7)
-CVE-2026-53186 [RDMA/srp: bound SRP_RSP sense copy by the received length]
+CVE-2026-53186 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/13e91fd076306f5d0cdfa14f53d69e37274723c4 (7.1)
-CVE-2026-53185 [zram: fix use-after-free in zram_bvec_write_partial()]
+CVE-2026-53185 (In the Linux kernel, the following vulnerability has been 
resolved:  z ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/732fd9f0b9c1cdc6dfd77162ded60df005182cc0 (7.1)
-CVE-2026-53184 [udp: clear skb->dev before running a sockmap verdict]
+CVE-2026-53184 (In the Linux kernel, the following vulnerability has been 
resolved:  u ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/3c94f241f776562c489876ff506f366224565c21 (7.1-rc7)
-CVE-2026-53183 [mptcp: allow subflow rcv wnd to shrink]
+CVE-2026-53183 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/da23be77e1292cd611e736c3aa17da633d7ddce7 (7.1-rc7)
-CVE-2026-53182 [wifi: nl80211: reject oversized EMA RNR lists]
+CVE-2026-53182 (In the Linux kernel, the following vulnerability has been 
resolved:  w ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/4cd92957e8f8cc4ebfe8a5d4203c14c592fde6b1 (7.1-rc7)
-CVE-2026-53181 [vsock/vmci: fix sk_ack_backlog leak on failed handshake]
+CVE-2026-53181 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/c05fa14db43ebef3bd862ca9d073981c0358b3f0 (7.1-rc7)
-CVE-2026-53179 [staging: rtl8723bs: fix buffer over-read in 
rtw_update_protection]
+CVE-2026-53179 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 7.0.13-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/514ab98364595007d4557ecc85d7e5f012c504d3 (7.1)
-CVE-2026-53178 [staging: rtl8723bs: rtw_mlme: add bounds checks before 
ie_length subtraction]
+CVE-2026-53178 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux 7.0.13-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/88e994c57a79f62d5338231d8d37ee8dd98baffe (7.1)
-CVE-2026-53177 [bnxt_en: Fix NULL pointer dereference]
+CVE-2026-53177 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/d930276f2cddd0b7294cac7a8fe7b877f6d9e08d (7.1)
-CVE-2026-53176 [IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN]
+CVE-2026-53176 (In the Linux kernel, the following vulnerability has been 
resolved:  I ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/29e7b925ae6df64894e82ab6419994dc25580a8a (7.1)
-CVE-2026-53168 [fuse: reject fuse_notify() pagecache ops on directories]
+CVE-2026-53168 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/9c954499d43aefac01c5dfb57a82b13d2dcf4b94 (7.1-rc7)
-CVE-2026-53167 [fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios]
+CVE-2026-53167 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 7.0.13-1
        NOTE: 
https://git.kernel.org/linus/4e3d1b2c48ca6c55f1e9ca7f8dccc76f120f276c (7.1-rc7)
-CVE-2026-53166 [futex/requeue: Prevent NULL pointer dereference in 
remove_waiter() on self-deadlock]
+CVE-2026-53166 (In the Linux kernel, the following vulnerability has been 
resolved:  f ...)
        - linux 7.0.13-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/74e144274af39935b0f410c0ee4d2b91c3730414 (7.1-rc7)
-CVE-2026-53163 [locking/rtmutex: Skip remove_waiter() when waiter is not 
enqueued]
+CVE-2026-53163 (In the Linux kernel, the following vulnerability has been 
resolved:  l ...)
        - linux 7.0.13-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/40a25d59e85b3c8709ac2424d44f65610467871e (7.1-rc7)
-CVE-2026-53161 [misc: fastrpc: fix use-after-free of fastrpc_user in workqueue 
context]
+CVE-2026-53161 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/e85eb5feca8e254905ffa6c57a3c99c89a674a0f (7.1)
-CVE-2026-53160 [misc: fastrpc: fix use-after-free race in fastrpc_map_create]
+CVE-2026-53160 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/07ebe87915d8accdaba20c4f88c5ae430fe62fbb (7.1)
-CVE-2026-53159 [misc: fastrpc: fix DMA address corruption due to find_vma 
misuse]
+CVE-2026-53159 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/464c6ad2aa16e1e1df9d559289199356493d1e00 (7.1)
-CVE-2026-53158 [misc: fastrpc: Fix NULL pointer dereference in rpmsg callback]
+CVE-2026-53158 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/5401fb4fe10fac6134c308495df18ed74aebb9c4 (7.1)
-CVE-2026-53157 [net: phonet: free phonet_device after RCU grace period]
+CVE-2026-53157 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        NOTE: 
https://git.kernel.org/linus/71de0177b28da751f407581a4515cf4d762f6296 (7.1)
-CVE-2026-53156 [nvmem: core: fix use-after-free bugs in error paths]
+CVE-2026-53156 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/5b6b6fc491899d583eaa75344e094796ae9b530b (7.1)
-CVE-2026-53151 [rxrpc: Fix the ACK parser to extract the SACK table for 
parsing]
+CVE-2026-53151 (In the Linux kernel, the following vulnerability has been 
resolved:  r ...)
        - linux 7.0.13-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/333b6d5bb9f87827ac2639c737bf9613dbae7253 (7.1)
-CVE-2026-53150 [thunderbolt: Reject zero-length property entries in validator]
+CVE-2026-53150 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/cff8eb65d1eafe7793e54b4d0cf6bf831644630b (7.1)
-CVE-2026-53149 [thunderbolt: Bound root directory content to block size]
+CVE-2026-53149 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/65423079c7420e3dbf9a7aa345c243a3f5752e5d (7.1)
-CVE-2026-53148 [thunderbolt: Clamp XDomain response data copy to allocation 
size]
+CVE-2026-53148 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/322e93448d908434ae5545660fcbe8f5a7a8e141 (7.1)
-CVE-2026-53147 [thunderbolt: Validate XDomain request packet size before type 
cast]
+CVE-2026-53147 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/a504b9f2797b739e0304d537e8aa4ce883ecce39 (7.1)
-CVE-2026-53146 [thunderbolt: Limit XDomain response copy to actual frame size]
+CVE-2026-53146 (In the Linux kernel, the following vulnerability has been 
resolved:  t ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/4db2bd2ed4785dbadaeeab9f4e346b21ac5fb8eb (7.1)
-CVE-2026-53143 [drm/amdkfd: Fix buffer overflow in SDMA queue 
checkpoint/restore on GFX11]
+CVE-2026-53143 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/352ea59028ea48a6fff77f19ae28f98f71946a80 (7.1-rc7)
-CVE-2026-53142 [drm/xe/display: fix oops in suspend/shutdown without display]
+CVE-2026-53142 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/68938cc08e23a94fd881e845837ff918de005ce7 (7.1)
-CVE-2026-53139 [drm/v3d: Skip CSD when it has zeroed workgroups]
+CVE-2026-53139 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        NOTE: 
https://git.kernel.org/linus/7f93fad5ea0affc9e1505dd0f7596c0fdb496213 (7.1-rc7)
-CVE-2026-53138 [drm/amd/display: Bound VBIOS record-chain walk loops]
+CVE-2026-53138 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/ff287df16a1a58aca78b08d1f3ee09fc44da0351 (7.1-rc7)
-CVE-2026-53137 [drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer 
size]
+CVE-2026-53137 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/f0f3981c43b32cadfe373d636d9e9ca522bb3702 (7.1-rc7)
-CVE-2026-53136 [drm/amd/display: Clamp VBIOS HDMI retimer register count to 
array size]
+CVE-2026-53136 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/fb0707ce00eef4e2d60c3020e1c0432739703e4a (7.1-rc7)
-CVE-2026-53135 [drm/amd/display: Fix NULL deref and buffer over-read in SDP 
debugfs]
+CVE-2026-53135 (In the Linux kernel, the following vulnerability has been 
resolved:  d ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/adf67034b1f61f7119295208085bfd43f85f56af (7.1-rc7)
-CVE-2026-53134 [netfilter: nft_fib: fix stale stack leak via the OIFNAME 
register]
+CVE-2026-53134 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/ab185e0c4fb82dfba6fb86f8271e06f931d9c64c (7.1)
-CVE-2026-53133 [RDMA/umem: Fix truncation for block sizes >= 4G]
+CVE-2026-53133 (In the Linux kernel, the following vulnerability has been 
resolved:  R ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/15fe76e23615f502d051ef0768f86babaf08746c (7.1)
-CVE-2026-53132 [vsock/virtio: fix potential unbounded skb queue]
+CVE-2026-53132 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/059b7dbd20a6f0c539a45ddff1573cb8946685b5 (7.1-rc3)
-CVE-2026-53131 [netfilter: require Ethernet MAC header before using eth_hdr()]
+CVE-2026-53131 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux 7.0.13-1
        [trixie] - linux 6.12.94-1
        NOTE: 
https://git.kernel.org/linus/62443dc21114c0bbc476fa62973db89743f2f137 (7.1-rc1)
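Review bot: The replacement descriptions for the linux entries in this hunk are all cut off after the same boilerplate ("In the Linux kernel, the following vulnerability has been resolved:") plus one letter, so each `+` line drops the only text that identified the subsystem and bug class, for example `[tcp: restrict SO_ATTACH_FILTER to priv users]` or `[ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL]`. After this change the commit URL in the NOTE line is the sole identifier, which makes it harder to triage the entries that still need work: CVE-2026-53232 is `- linux <unfixed>`, and CVE-2026-53224, CVE-2026-53167, CVE-2026-53157 and CVE-2026-53139 have no `[trixie]` line. Consider carrying the commit subject over into a NOTE line before the bracketed form is dropped.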
@@ -1052,77 +1416,95 @@ CVE-2026-1606 (GitLab has remediated an issue in GitLab 
CE/EE affecting all vers
 CVE-2026-13311 (shell-quote prior to 1.8.5 finalizes parsed tokens in parse() 
using Ar ...)
        TODO: check
 CVE-2026-13038 (Use after free in Autofill in Google Chrome on Windows prior 
to 149.0. ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13037 (Use after free in WebView in Google Chrome on Android prior to 
149.0.7 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13036 (Use after free in Blink in Google Chrome prior to 
149.0.7827.197 allow ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13035 (Use after free in Bluetooth in Google Chrome on Mac prior to 
149.0.782 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13034 (Inappropriate implementation in Passwords in Google Chrome 
prior to 14 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13033 (Out of bounds read and write in Blink>InterestGroups in Google 
Chrome  ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13032 (Use after free in WebGL in Google Chrome on Android prior to 
149.0.782 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13031 (Use after free in Blink in Google Chrome prior to 
149.0.7827.197 allow ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13030 (Uninitialized Use in GPU in Google Chrome on Android prior to 
149.0.78 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13029 (Use after free in Web Authentication in Google Chrome prior to 
149.0.7 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13028 (Use after free in WebGL in Google Chrome on Android prior to 
149.0.782 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13027 (Use after free in FileSystem in Google Chrome prior to 
149.0.7827.197  ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13026 (Use after free in Digital Credentials in Google Chrome on Mac 
prior to ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13025 (Race in DevTools in Google Chrome prior to 149.0.7827.197 
allowed a re ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13024 (Insufficient validation of untrusted input in Navigation in 
Google Chr ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13023 (Uninitialized Use in GPU in Google Chrome prior to 
149.0.7827.197 allo ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13022 (Inappropriate implementation in Autofill in Google Chrome 
prior to 149 ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-13021 (Inappropriate implementation in DeviceBoundSessionCredentials 
in Googl ...)
+       {DSA-6364-1}
        - chromium 149.0.7827.196-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12635 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
        NOT-FOR-US: GitLab (used to be packaged in the Debian archive as 
src:gitlab, but never in a stable release)
-CVE-2026-12490
+CVE-2026-12490 (When a provide-xfr is given with a tls-auth-name, a secondary 
requesti ...)
        - nsd 4.14.3-1
        NOTE: https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12490.txt
-CVE-2026-12246
+CVE-2026-12246 (NSD version 4.14.0 introduced a bug where a specially crafted 
APL RR,  ...)
        - nsd 4.14.3-1
        [trixie] - nsd <not-affected> (Vulnerable code introduced later)
        [bookworm] - nsd <not-affected> (Vulnerable code introduced later)
        [bullseye] - nsd <not-affected> (Vulnerable code introduced later)
        NOTE: https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12246.txt
-CVE-2026-12245
+CVE-2026-12245 (NSD from version 4.13.0 has a heap use-after-free bug in 
logging error ...)
        - nsd 4.14.3-1
        [trixie] - nsd <not-affected> (Vulnerable code introduced later)
        [bookworm] - nsd <not-affected> (Vulnerable code introduced later)
        [bullseye] - nsd <not-affected> (Vulnerable code introduced later)
        NOTE: https://www.nlnetlabs.nl/downloads/nsd/CVE-2026-12245.txt
-CVE-2026-12244
+CVE-2026-12244 (If NSD is configured as secondary for a zone, the primary of 
that zone ...)
        - nsd 4.14.3-1
        [trixie] - nsd <not-affected> (Vulnerable code introduced later)
        [bookworm] - nsd <not-affected> (Vulnerable code introduced later)
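Review bot: CVE-2026-12490 is the only one of the four NSD entries in this hunk with no per-release lines: it carries just `- nsd 4.14.3-1`, while CVE-2026-12246, CVE-2026-12245 and CVE-2026-12244 are marked `<not-affected> (Vulnerable code introduced later)` for the releases shown. Now that the description is filled in (a provide-xfr given with a tls-auth-name), it is worth confirming whether the nsd versions in the stable releases have that code path and recording the result, so the entry does not stay implicitly affected without a triage decision.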
@@ -2948,7 +3330,7 @@ CVE-2026-56116 (dhcpcd through 10.3.2, fixed in commit 
708b4a5, contains a memor
        - dhcpcd <unfixed>
        [trixie] - dhcpcd <no-dsa> (Minor issue)
        NOTE: Fixed by: 
https://github.com/NetworkConfiguration/dhcpcd/commit/708b4a56bae080a5b18c2e0c4c6fbe103131a2b0
-CVE-2026-56115 (dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a 
one-byte st ...)
+CVE-2026-56115 (Bootimus through 0.1.70 contains a broken access control 
vulnerability ...)
        - dhcpcd <unfixed>
        [trixie] - dhcpcd <no-dsa> (Minor issue)
        NOTE: Fixed by: 
https://github.com/NetworkConfiguration/dhcpcd/commit/2f00c7bfc408b6582d331932dfa47829c4819029
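Review bot: The new description on CVE-2026-56115 names Bootimus through 0.1.70 and a broken access control issue, but the annotations under it are unchanged and still track dhcpcd: `- dhcpcd <unfixed>`, `[trixie] - dhcpcd <no-dsa> (Minor issue)` and a "Fixed by" link to dhcpcd commit 2f00c7b. One side is wrong: either the upstream record now carries a description for a different product, or the dhcpcd triage is attached to the wrong ID. This entry needs a manual re-check, and if the ID really belongs to Bootimus, the dhcpcd lines should move to whichever CVE covers the dhcpcd issue fixed in commit 2f00c7b that the removed description referred to.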
@@ -4690,6 +5072,7 @@ CVE-2026-10034 (The WP DSGVO Tools (GDPR) plugin for 
WordPress is vulnerable to
 CVE-2025-7737 (DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual 
Storage Pl ...)
        NOT-FOR-US: Hitachi
 CVE-2025-15661 (libssh2 through 1.11.1, fixed in commit 2dae302, contains an 
out-of-bo ...)
+       {DSA-6365-1}
        - libssh2 1.11.1-4 (bug #1140401)
        NOTE: https://github.com/libssh2/libssh2/pull/1705
        NOTE: https://github.com/libssh2/libssh2/pull/1717
@@ -4799,7 +5182,7 @@ CVE-2026-54419 (claudiopizzillo PIAF-HMS (PBX-In-A-Flash 
Hotel Management System
        NOT-FOR-US: PBX-In-A-Flash Hotel Management System
 CVE-2026-54390 (JTL Shop versions 5.2.0 through 5.7.1 contains a server-side 
template  ...)
        NOT-FOR-US: JTL Shop
-CVE-2026-54226
+CVE-2026-54226 (A vulnerability in Apache Kvrocks.  This issue affects Apache 
Kvrocks: ...)
        NOT-FOR-US: Apache Kvrocks
 CVE-2026-54224 (UBB.threads is vulnerable to Denial of Service (DoS). By 
sending multi ...)
        NOT-FOR-US: UBB.threads
@@ -4959,10 +5342,12 @@ CVE-2026-55202 (Tinyproxy through 1.11.3, fixed in 
commit 09312a1, fails to prop
 CVE-2026-55201 (Evil-WinRM through 3.9, fixed in commit 6ecd570, contains a 
path trave ...)
        NOT-FOR-US: Evil-WinRM
 CVE-2026-55200 (libssh2 through 1.11.1, fixed in commit 7acf3df contains an 
out-of-bou ...)
+       {DSA-6365-1}
        - libssh2 1.11.1-4 (bug #1140401)
        NOTE: https://github.com/libssh2/libssh2/pull/2052
        NOTE: Fixed by: 
https://github.com/libssh2/libssh2/commit/97acf3dfda80c91c3a8c9f2372546301d4a1a7a8
 CVE-2026-55199 (libssh2 through 1.11.1, fixed in commit 1762685, contains a 
pre-authen ...)
+       {DSA-6365-1}
        - libssh2 1.11.1-4 (bug #1140401)
        NOTE: https://github.com/libssh2/libssh2/pull/1864
        NOTE: Fixed by: 
https://github.com/libssh2/libssh2/commit/17626857d20b3c9a1addfa45979dadcee1cd84a4
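Review bot: The CVE-2026-55200 entry that this hunk ties to `{DSA-6365-1}` has a commit reference that does not agree with itself: the description says "fixed in commit 7acf3df", while the "Fixed by" NOTE links to 97acf3dfda80c91c3a8c9f2372546301d4a1a7a8, so the abbreviated hash is not a prefix of the linked one (it looks like the leading 9 was dropped). For CVE-2026-55199 the two do match (1762685 against 17626857d20b...). Since the description comes from the upstream record, treat the full hash in the NOTE as the reference when checking what the DSA upload backported, and consider reporting the short hash upstream.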
@@ -5254,7 +5639,7 @@ CVE-2026-49778 (Unauthenticated Cross Site Scripting 
(XSS) in WPFunnels Pro <= 2
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-49767 (Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 
version ...)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2026-49502 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an 
Improper  ...)
+CVE-2026-49502 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Imp ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-49268 (A remote attacker can inject LDAP special characters into the 
Distingu ...)
        - shiro <unfixed>
@@ -5371,7 +5756,7 @@ CVE-2026-40721 (Contributor Local File Inclusion in 
Element Pack Pro <= 9.0.6 ve
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-40720 (Unauthenticated Cross Site Scripting (XSS) in Royal Elementor 
Addons P ...)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2026-40641 (Dell PowerFlex Manager, version(s) 4.6.0.1, contain(s) an Use 
of a Bro ...)
+CVE-2026-40641 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Use ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-3894 (Out-of-bounds Read vulnerability in RTI Connext Professional 
(Core Lib ...)
        NOT-FOR-US: RTI Connext
@@ -5421,17 +5806,17 @@ CVE-2026-39199 (snes9x 1.63 allows an out-of-bounds 
write and denial of service
        NOTE: 
https://github.com/snes9xgit/snes9x/commit/96b366100172723f6314c40e237b370f4f7b59f4
 CVE-2026-36418 (JimuReport versions 2.3.4 and below are vulnerable to remote 
code exec ...)
        NOT-FOR-US: JimuReport
-CVE-2026-35162 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an 
Improper  ...)
+CVE-2026-35162 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Imp ...)
        NOT-FOR-US: Dell / EMC
-CVE-2026-35069 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an 
Improper  ...)
+CVE-2026-35069 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Imp ...)
        NOT-FOR-US: Dell / EMC
-CVE-2026-35068 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an 
Improper  ...)
+CVE-2026-35068 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Imp ...)
        NOT-FOR-US: Dell / EMC
-CVE-2026-35067 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an 
Improper  ...)
+CVE-2026-35067 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Imp ...)
        NOT-FOR-US: Dell / EMC
-CVE-2026-35066 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an 
Improper  ...)
+CVE-2026-35066 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Imp ...)
        NOT-FOR-US: Dell / EMC
-CVE-2026-35065 (Dell PowerFlex Manager, version(s) [Versions], contain(s) a 
Missing Au ...)
+CVE-2026-35065 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) a Miss ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-34888 (Unauthenticated Sensitive Data Exposure in Bricksforge <= 
3.1.8.4 vers ...)
        NOT-FOR-US: WordPress plugin or theme
@@ -5439,7 +5824,7 @@ CVE-2026-32967 (Incorrect Authorization vulnerability of 
`/v2` experimental inte
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-32966 (DataSource API Missing Authorization Check Leads to Arbitrary 
Data Sou ...)
        NOT-FOR-US: Apache software not packaged in Debian
-CVE-2026-32804 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an 
Improper  ...)
+CVE-2026-32804 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Imp ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-32652 (Dell AIOps Collector versions prior to 1.18.3 contain a "Use 
of Defaul ...)
        NOT-FOR-US: Dell / EMC
@@ -5515,7 +5900,7 @@ CVE-2026-22326 (Unauthenticated Local File Inclusion in 
Reprizo <= 1.0.8 version
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-22325 (Unauthenticated Local File Inclusion in Promo <= 1.3.0 
versions.)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2026-22283 (Dell PowerFlex Manager, version(s) Version prior to 4.8, 
contain(s) an ...)
+CVE-2026-22283 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) an Inc ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-20266 (In Splunk AI Toolkit versions below 5.7.4, a user who holds 
the "admin ...)
        NOT-FOR-US: Cisco
@@ -5700,7 +6085,7 @@ CVE-2025-58952 (Unauthenticated Local File Inclusion in 
Neuronet < 1.14.0 versio
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49403 (Unauthenticated Arbitrary File Download in Premium Age 
Verification /  ...)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2025-32748 (Dell PowerFlex rack, version(s) RCM 3.7/3.7, contain(s) a Host 
Header  ...)
+CVE-2025-32748 (Dell PowerFlex Manager, version(s) prior to 5.1.0.1, 
contain(s) a Host ...)
        NOT-FOR-US: Dell / EMC
 CVE-2025-31013 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
@@ -10281,7 +10666,7 @@ CVE-2026-52903
 CVE-2026-11791 (A flaw was found in 389 Directory Server. During schema 
reload, the at ...)
        - 389-ds-base <unfixed> (bug #1139816)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2485414
-CVE-2026-49839
+CVE-2026-49839 (jq is a command-line JSON processor. Prior to 1.8.2,` jq 
--rawfile` ca ...)
        - jq 1.8.1-8
        NOTE: 
https://github.com/jqlang/jq/security/advisories/GHSA-cfh2-vwfq-qfmm
 CVE-2026-44236
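Review bot: the CVE-2026-49839 entry now states that the upstream fix is in jq 1.8.2, but Debian marks 1.8.1-8 as fixed and the only NOTE is the GHSA advisory link, so nothing in the entry identifies the patch that was backported. Consider adding a "NOTE: Fixed by:" line with the upstream commit so the 1.8.1-8 marking can be checked against it. The misplaced backticks in the new description ("1.8.2,` jq --rawfile`") are part of the imported text and need no change in this file.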
@@ -13056,7 +13441,7 @@ CVE-2026-41567 (Moby is an open source container 
framework. In versions prior to
        - docker.io 28.5.2+dfsg4-3 (bug #1139965)
        NOTE: 
https://github.com/moby/moby/security/advisories/GHSA-x86f-5xw2-fm2r
        NOTE: Fixed by: 
https://github.com/moby/moby/commit/2022313ffe5a8c04890b5295bc52670ee6df8070 
(docker-v29.5.1)
-CVE-2026-41566
+CVE-2026-41566 (Improper Handling of Insufficient Permissions or Privileges 
vulnerabil ...)
        NOT-FOR-US: Apache Kvrocks
 CVE-2026-41522 (Iris is a web collaborative platform that helps incident 
responders sh ...)
        NOT-FOR-US: DFIR-IRIS
@@ -21213,7 +21598,7 @@ CVE-2026-48805
        - php-twig 3.27.0-1
        [bookworm] - php-twig <ignored> (Minor issue, too intrusive to backport)
        NOTE: 
https://symfony.com/blog/cve-2026-48805-sandbox-state-regression-in-deprecated-internal-wrappers-in-src-resources-core-php
-CVE-2026-47770
+CVE-2026-47770 (jq is a command-line JSON processor. Prior to 1.8.2, comparing 
two suf ...)
        - jq 1.8.1-7
        NOTE: 
https://github.com/jqlang/jq/commit/7122866869960b55cea3646bc91334ef55787831
        NOTE: https://github.com/jqlang/jq/pull/3539
@@ -25963,7 +26348,7 @@ CVE-2026-45442 (Missing Authorization vulnerability in 
Brainstorm Force Presto P
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-45434 (Improper Authentication vulnerability in Apache OFBiz via 
Password-Cha ...)
        NOT-FOR-US: Apache software not packaged in Debian
-CVE-2026-45188
+CVE-2026-45188 (Relative Path Traversal vulnerability in Apache Kvrocks.  This 
issue a ...)
        NOT-FOR-US: Apache Kvrocks
 CVE-2026-45187 (Improper Authorization vulnerability in Apache OFBiz Webtools. 
 This i ...)
        NOT-FOR-US: Apache software not packaged in Debian
@@ -26466,6 +26851,7 @@ CVE-2026-43491 (In the Linux kernel, the following 
vulnerability has been resolv
        [trixie] - linux 6.12.86-1
        NOTE: 
https://git.kernel.org/linus/d5ee2ff98322337951c56398e79d51815acbf955 (7.1-rc1)
 CVE-2026-8851 (SOGo versions 5.12.7 and prior contains a SQL injection 
vulnerability  ...)
+       {DSA-6366-1}
        - sogo 5.12.8-1
        NOTE: 
https://github.com/Alinto/sogo/commit/f9b71059f4f382d7b337d16ce1257443ade43d02 
(SOGo-5.12.8)
        TODO: check correctness
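Review bot: CVE-2026-8851 is now referenced by {DSA-6366-1} while the last line of the entry still reads "TODO: check correctness". With an advisory attached to it, confirm the fixed version (sogo 5.12.8-1) and the upstream commit in the NOTE, then drop the TODO.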
@@ -28442,6 +28828,7 @@ CVE-2026-45793 [Github Actions issued GITHUB_TOKEN 
disclosure in GitHub Actions
        [bookworm] - composer <no-dsa> (Minor issue)
        NOTE: 
https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2
 CVE-2026-8496 (A cross-site scripting (XSS) vulnerability exists in Alinto 
SOGo, vers ...)
+       {DSA-6366-1}
        - sogo 5.12.8-1
        NOTE: 
https://github.com/Alinto/sogo/commit/67ce01ec2a1a7854d8e9f615dd65afb949043e8 
(SOGo-5.12.8)
 CVE-2026-8466 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)
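Review bot: in the CVE-2026-8496 entry that gains {DSA-6366-1}, the commit id in the NOTE URL (67ce01ec2a1a7854d8e9f615dd65afb949043e8) is 39 hex characters, one short of a full SHA-1, while the other SOGo commit NOTE lines in this diff carry 40-character ids. Check that the URL resolves to the intended SOGo-5.12.8 commit and replace it with the full id.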
@@ -28550,9 +28937,11 @@ CVE-2026-4527 (GitLab has remediated an issue in 
GitLab CE/EE affecting all vers
 CVE-2026-4524 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
        - gitlab <not-affected> (Vulnerable code not present)
 CVE-2026-46446 (SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and 
cleartext  ...)
+       {DSA-6366-1}
        - sogo 5.12.7-1
        NOTE: 
https://github.com/Alinto/sogo/commit/1f7e5d2b2c2047c44a6a9e05f73c36491cb96d21 
(SOGo-5.12.7)
 CVE-2026-46445 (SOGo before 5.12.7, when PostgreSQL is used, allows SQL 
injection.)
+       {DSA-6366-1}
        - sogo 5.12.7-1
        NOTE: 
https://github.com/Alinto/sogo/commit/1f7e5d2b2c2047c44a6a9e05f73c36491cb96d21 
(SOGo-5.12.7)
 CVE-2026-46419 (Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 
before 2. ...)
@@ -37595,6 +37984,7 @@ CVE-2026-7600 (A flaw has been found in ArtMin96 
yii2-mcp-server 1.0.2. This imp
 CVE-2026-7599 (A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This 
affects  ...)
        NOT-FOR-US: Dayoooun hwpx-mcp
 CVE-2026-7598 (A security vulnerability has been detected in libssh2 up to 
1.11.1. Th ...)
+       {DSA-6365-1}
        - libssh2 1.11.1-3 (bug #1135647)
        [bookworm] - libssh2 <no-dsa> (Minor issue)
        [bullseye] - libssh2 <postponed> (Minor issue, unlikely user/pass 
length)
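Review bot: {DSA-6365-1} is added to CVE-2026-7598 directly above "[bookworm] - libssh2 <no-dsa> (Minor issue)". If DSA-6365-1 includes a bookworm upload, that no-dsa line is stale and should be replaced by the fixed version; if the advisory covers only the newer release, the line can stay as it is.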
@@ -39728,6 +40118,7 @@ CVE-2026-XXXX [RUSTSEC-2026-0113]
        [trixie] - rust-astral-tokio-tar <no-dsa> (Minor issue)
        NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0113.html
 CVE-2026-7111 (Text::CSV_XS versions before 1.62 for Perl have a 
use-after-free when  ...)
+       {DLA-4648-1}
        - libtext-csv-xs-perl 1.62-1 (bug #1135232)
        [trixie] - libtext-csv-xs-perl 1.60-1+deb13u1
        NOTE: https://lists.security.metacpan.org/cve-announce/msg/39453344/
@@ -61068,9 +61459,9 @@ CVE-2026-4676 (Use after free in Dawn in Google Chrome 
prior to 146.0.7680.165 a
        {DSA-6177-1}
        - chromium 146.0.7680.164-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-46752
+CVE-2026-46752 (Redis Lua HEAP overflow in cjson library vulnerability in 
Apache Kvroc ...)
        NOT-FOR-US: Apache Kvrocks
-CVE-2026-46751
+CVE-2026-46751 (A vulnerability in Apache Kvrocks.  This issue affects Apache 
Kvrocks: ...)
        NOT-FOR-US: Apache Kvrocks
 CVE-2026-4675 (Heap buffer overflow in WebGL in Google Chrome prior to 
146.0.7680.165 ...)
        {DSA-6177-1}
@@ -64196,10 +64587,12 @@ CVE-2026-3312
        [bullseye] - pagure <postponed> (Minor issue, infoleak)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443259
 CVE-2025-71276 (SOGo before 5.12.5 is prone to a XSS vulnerability with 
events, tasks, ...)
+       {DSA-6366-1}
        - sogo 5.12.6-1 (bug #1131605)
        [bullseye] - sogo <postponed> (minor issue; XSS)
        NOTE: Fixed by: 
https://github.com/Alinto/sogo/commit/e9b3f2a43d7557e8416f6749df4ab4f9128af2d1 
(SOGo-5.12.5)
 CVE-2026-33550 (SOGo before 5.12.5 does not renew the OTP if a user 
disables/enables i ...)
+       {DSA-6366-1}
        - sogo 5.12.6-1 (bug #1131606)
        [bullseye] - sogo <postponed> (minor issue)
        NOTE: Fixed by: 
https://github.com/Alinto/sogo/commit/83d4c522f87cfde0ba543837d9b24c3479083ec2 
(SOGo-5.12.5)
@@ -70877,7 +71270,7 @@ CVE-2026-3465 (A vulnerability was determined in Tuya 
App and SDK 24.07.11 on An
        NOT-FOR-US: Tuya App and SDK
 CVE-2026-3463 (A weakness has been identified in xlnt-community xlnt up to 
1.6.1. Imp ...)
        NOT-FOR-US: xlnt-community xlnt
-CVE-2026-3437 (An Improper Restriction of Operations within the Bounds of a 
Memory Bu ...)
+CVE-2026-3437 (An improper restriction of operations within the bounds of a 
memory bu ...)
        NOT-FOR-US: Portwell Engineering Toolkits
 CVE-2026-3351 (Improper authorization in the API endpoint GET 
/1.0/certificates in Ca ...)
        - lxd <not-affected> (Vulnerable code introduced later)
@@ -73716,6 +74109,7 @@ CVE-2026-3064 (A security vulnerability has been 
detected in HummerRisk up to 1.
 CVE-2026-3057 (A security flaw has been discovered in a54552239 pearProjectApi 
up to  ...)
        NOT-FOR-US: a54552239 pearProjectApi
 CVE-2026-3054 (A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. 
This impa ...)
+       {DSA-6366-1}
        - sogo 5.12.6-1 (bug #1130878)
        [bullseye] - sogo <postponed> (minor issue)
        NOTE: Fixed by: 
https://github.com/Alinto/sogo/commit/e821b20f87d1a9757f1d0aff7d1e31703f97054b 
(SOGo-5.12.5)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/158c034299ff5b07b0ccec5f0bb180758c3b63f4
