Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b1d6daf4 by Salvatore Bonaccorso at 2026-06-25T22:18:07+02:00
Add CVE-2026-56774/kanboard
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -121,7 +121,10 @@ CVE-2026-56786 (RTKLIB through 2.4.3 contains an
out-of-bounds write vulnerabili
CVE-2026-56779 (MaxKB before 2.10.0 contains a server-side request forgery
vulnerabili ...)
NOT-FOR-US: MaxKB
CVE-2026-56774 (Kanboard through 1.2.52, fixed in commit 928c68a,
UserViewController:: ...)
- TODO: check
+ - kanboard <unfixed>
+ NOTE: https://github.com/kanboard/kanboard/issues/5829
+ NOTE: https://github.com/kanboard/kanboard/pull/5831
+ NOTE: Fixed by:
https://github.com/kanboard/kanboard/commit/928c68aa2b7c00092dd71084d329b912e229f3d1
CVE-2026-56772 (NewsBlur before 14.5.0 contains a broken access control
vulnerability ...)
NOT-FOR-US: NewsBlur
CVE-2026-56771 (NewsBlur before version 14.5.0 contains a server-side request
forgery ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1d6daf44d9a948173ef43ff99cc4536a243f359
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1d6daf44d9a948173ef43ff99cc4536a243f359
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits