Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
81042852 by security tracker role at 2026-06-28T19:16:04+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,43 @@
+CVE-2026-49048 (The Joomla extension JoomCCK exposes a front-end controller 
task, that ...)
+       TODO: check
+CVE-2026-13504 (A vulnerability has been found in code-projects Project 
Management Sys ...)
+       TODO: check
+CVE-2026-13503 (A vulnerability was detected in antlr ANTLR4 up to 4.13.2. 
Affected by ...)
+       TODO: check
+CVE-2026-13502 (A flaw has been found in antlr ANTLR4 up to 4.13.2. This 
affects the f ...)
+       TODO: check
+CVE-2026-13501 (A security vulnerability has been detected in antlr ANTLR4 up 
to 4.13. ...)
+       TODO: check
+CVE-2026-13500 (A weakness has been identified in antlr ANTLR4 up to 4.13.2. 
Affected  ...)
+       TODO: check
+CVE-2026-13499 (A security flaw has been discovered in yashpokharna2555 
restaurent-man ...)
+       TODO: check
+CVE-2026-13498 (A vulnerability was identified in yashpokharna2555 
restaurent-manageme ...)
+       TODO: check
+CVE-2026-13497 (A vulnerability was determined in itsourcecode Hospital 
Management Sys ...)
+       TODO: check
+CVE-2026-13496 (A vulnerability was found in itsourcecode Hospital Management 
System 1 ...)
+       TODO: check
+CVE-2026-13495 (A vulnerability has been found in itsourcecode Hospital 
Management Sys ...)
+       TODO: check
+CVE-2026-13493 (A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. 
This is ...)
+       TODO: check
+CVE-2026-13491 (A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. 
This vul ...)
+       TODO: check
+CVE-2026-13490 (A security vulnerability has been detected in glpi-project 
glpi 11.0.5 ...)
+       TODO: check
+CVE-2026-13489 (A weakness has been identified in 78 xiaozhi-esp32 up to 
2.2.6. Affect ...)
+       TODO: check
+CVE-2026-13488 (A security flaw has been discovered in SourceCodester Class 
and Exam T ...)
+       TODO: check
+CVE-2026-13487 (A vulnerability was identified in SourceCodester Class and 
Exam Timeta ...)
+       TODO: check
+CVE-2026-13486 (A vulnerability was determined in SourceCodester Class and 
Exam Timeta ...)
+       TODO: check
+CVE-2026-13485 (A vulnerability was found in SourceCodester Class and Exam 
Timetabling ...)
+       TODO: check
+CVE-2026-13484 (A vulnerability has been found in MLflow up to 
4666cffc7912ea606d592fc ...)
+       TODO: check
 CVE-2026-8095 (The Frontend File Manager Plugin plugin for WordPress is 
vulnerable to ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-58058 (Nmap through 7.99 does not keep the IPv6 extension-header walk 
within  ...)
@@ -567,12 +607,14 @@ CVE-2026-53279 (In the Linux kernel, the following 
vulnerability has been resolv
 CVE-2026-9699 (Mattermost Plugins versions <=11.6 10.18.11 11.3.6 11.6.5.0 
fail to sa ...)
        NOT-FOR-US: Mattermost Plugins
 CVE-2026-9640 (A privilege escalation vulnerability exists in LXD from 6.0 
before 6.9 ...)
+       {DSA-6373-1}
        - lxd <removed>
        NOTE: 
https://github.com/canonical/lxd/security/advisories/GHSA-ppq7-4492-5552
        NOTE: https://github.com/canonical/lxd/pull/18301
        NOTE: https://github.com/canonical/lxd/pull/18303
        NOTE: https://github.com/canonical/lxd/pull/18304
 CVE-2026-9639 (Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD 
up to v ...)
+       {DSA-6373-1}
        - lxd <removed>
        NOTE: 
https://github.com/canonical/lxd/security/advisories/GHSA-j93m-3j9p-m5m8
        NOTE: https://github.com/canonical/lxd/pull/18320
@@ -1275,54 +1317,54 @@ CVE-2021-47986 (Parse Server before 4.10.0 contains a 
supply chain vulnerability
 CVE-2020-37256 (Grav before 1.6.30 contains a cross-site scripting 
vulnerability in th ...)
        NOT-FOR-US: Grav CMS
 CVE-2026-48750
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-73hr-m85f-64v9
        NOTE: https://github.com/canonical/lxd/pull/18590
 CVE-2026-48751
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-48q5-w887-33wv
        NOTE: https://github.com/canonical/lxd/pull/18604
 CVE-2026-48752
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-vxp5-584q-c479
        NOTE: 
https://github.com/lxc/incus/commit/cbefa31ae0da8fd96361178aed3a3c631e098fef 
(v7.2.0)
        NOTE: https://github.com/canonical/lxd/pull/18590
 CVE-2026-48755
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-v6mj-8pf4-hhw4
        NOTE: 
https://github.com/lxc/incus/commit/873a032a461df6b09b7586435b592873863a4e88 
(v7.2.0)
        NOTE: https://github.com/canonical/lxd/pull/18597
 CVE-2026-48769
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-f6m5-xw2g-xc4x
        NOTE: 
https://github.com/lxc/incus/commit/46d6ef232186df5535c49ca9f3597cab381f9b86 
(v7.2.0)
        NOTE: https://github.com/canonical/lxd/pull/18594
 CVE-2026-55621
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-64f3-v33m-w89f
        NOTE: 
https://github.com/lxc/incus/commit/2e01078366e2653712719dec82318e51c6d21b28 
(v7.2.0)
        NOTE: https://github.com/canonical/lxd/pull/18603
 CVE-2026-55622
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-c9f5-j9c3-mhrg
        NOTE: 
https://github.com/lxc/incus/commit/1e3ffc53a10950e55de62ac1e0d612be597b84eb 
(v7.2.0)
        NOTE: https://github.com/canonical/lxd/pull/18603
 CVE-2026-48749
-       {DSA-6370-1}
+       {DSA-6373-1 DSA-6370-1}
        - incus 7.0.0-5
        - lxd <removed>
        NOTE: 
https://github.com/lxc/incus/security/advisories/GHSA-2q3f-q5pq-g8wv
@@ -17238,6 +17280,7 @@ CVE-2026-50219 (libexpat before 2.8.2 lacks handler 
call depth tracking for call
        - expat 2.8.2-1 (bug #1138862)
        NOTE: https://github.com/libexpat/libexpat/pull/1246
 CVE-2026-8829 (HTML::Entities versions before 3.84 for Perl read freed heap 
memory in ...)
+       {DLA-4655-1}
        - libhtml-parser-perl 3.83-2
        [trixie] - libhtml-parser-perl <no-dsa> (Minor issue)
        [bookworm] - libhtml-parser-perl <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8104285283b0e0dc947a83c699e161762e9bc96e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8104285283b0e0dc947a83c699e161762e9bc96e
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to