[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 24 Feb 2026 12:14:14 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
818abb10 by security tracker role at 2026-02-24T20:13:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,226 +1,374 @@
-CVE-2026-2793
+CVE-2026-3131 (Improper  access control in multiple DVLS REST API endpoints in 
Devolu ...)
+       TODO: check
+CVE-2026-3105 (SummaryThis advisory addresses a SQL injection vulnerability in 
the AP ...)
+       TODO: check
+CVE-2026-3102 (A vulnerability was determined in exiftool up to 13.49 on 
macOS. This  ...)
+       TODO: check
+CVE-2026-3101 (A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This 
vulnera ...)
+       TODO: check
+CVE-2026-2664 (An out of bounds read vulnerability in the grpcfuse kernel 
module pres ...)
+       TODO: check
+CVE-2026-2634 (Malicious scripts could cause desynchronization between the 
address ba ...)
+       TODO: check
+CVE-2026-2460 (A vulnerability exists in REB500 for an authenticated user with 
low-le ...)
+       TODO: check
+CVE-2026-2459 (A vulnerability exists in REB500 for an authenticated user with 
Instal ...)
+       TODO: check
+CVE-2026-27732 (WWBN AVideo is an open source video platform. Prior to version 
22.0, t ...)
+       TODO: check
+CVE-2026-27590 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
+       TODO: check
+CVE-2026-27589 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
+       TODO: check
+CVE-2026-27588 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
+       TODO: check
+CVE-2026-27587 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
+       TODO: check
+CVE-2026-27586 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
+       TODO: check
+CVE-2026-27585 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
+       TODO: check
+CVE-2026-27584 (Actual is a local-first personal finance tool. Prior to 
version 26.2.1 ...)
+       TODO: check
+CVE-2026-27571 (NATS-Server is a High-Performance server for NATS.io, a cloud 
and edge ...)
+       TODO: check
+CVE-2026-27568 (WWBN AVideo is an open source video platform. Prior to version 
21.0, A ...)
+       TODO: check
+CVE-2026-27567 (Payload is a free and open source headless content management 
system.  ...)
+       TODO: check
+CVE-2026-27521 (Binardat 10G08-0800GSM network switch firmware 
versionV300SP10260209an ...)
+       TODO: check
+CVE-2026-27520 (Binardat 10G08-0800GSM network switch firmware versions prior 
toV300SP ...)
+       TODO: check
+CVE-2026-27519 (Binardat 10G08-0800GSM network switch firmware 
versionV300SP10260209 a ...)
+       TODO: check
+CVE-2026-27518 (Binardat 10G08-0800GSM network switch firmware 
versionV300SP10260209 a ...)
+       TODO: check
+CVE-2026-27517 (Binardat 10G08-0800GSM network switch firmware 
versionV300SP10260209 a ...)
+       TODO: check
+CVE-2026-27516 (Binardat 10G08-0800GSM network switch firmware 
versionV300SP10260209 a ...)
+       TODO: check
+CVE-2026-27515 (Binardat 10G08-0800GSM network switch firmware versions prior 
toV300SP ...)
+       TODO: check
+CVE-2026-27507 (Binardat 10G08-0800GSM network switch firmware 
versionV300SP10260209 a ...)
+       TODO: check
+CVE-2026-27483 (MindsDB is a platform for building artificial intelligence 
from enterp ...)
+       TODO: check
+CVE-2026-27477 (Mastodon is a free, open-source social network server based on 
Activit ...)
+       TODO: check
+CVE-2026-27468 (Mastodon is a free, open-source social network server based on 
Activit ...)
+       TODO: check
+CVE-2026-27208 (bleon-ethical/api-gateway-deploy provides API gateway 
deployment. Vers ...)
+       TODO: check
+CVE-2026-27156 (NiceGUI is a Python-based UI framework. Prior to version 
3.8.0, severa ...)
+       TODO: check
+CVE-2026-26342 (Tattile Smart+, Vega, and Basic device families firmware 
versions 1.18 ...)
+       TODO: check
+CVE-2026-26341 (Tattile Smart+, Vega, and Basic device families firmware 
versions 1.18 ...)
+       TODO: check
+CVE-2026-26340 (Tattile Smart+, Vega, and Basic device families firmware 
versions 1.18 ...)
+       TODO: check
+CVE-2026-26222 (Altec DocLink (now maintained by Beyond Limits Inc.) version 
4.0.336.0 ...)
+       TODO: check
+CVE-2026-25603 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
+       TODO: check
+CVE-2026-24241 (NVIDIA Delegated Licensing Service for all appliance platforms 
contain ...)
+       TODO: check
+CVE-2026-23984 (An Improper Input Validation vulnerability exists in Apache 
Superset t ...)
+       TODO: check
+CVE-2026-23983 (A Sensitive Data Exposure vulnerability exists in Apache 
Superset allo ...)
+       TODO: check
+CVE-2026-23982 (An Improper Authorization vulnerability exists in Apache 
Superset that ...)
+       TODO: check
+CVE-2026-23980 (Improper Neutralization of Special Elements used in a SQL 
Command ('SQ ...)
+       TODO: check
+CVE-2026-23969 (Apache Superset utilizes a configurable dictionary, 
DISALLOWED_SQL_FUN ...)
+       TODO: check
+CVE-2026-23859 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain 
a Clien ...)
+       TODO: check
+CVE-2026-23858 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain 
an Impr ...)
+       TODO: check
+CVE-2026-23678 (Binardat 10G08-0800GSM network switch firmware 
versionV300SP10260209 a ...)
+       TODO: check
+CVE-2026-22766 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain 
an Unre ...)
+       TODO: check
+CVE-2026-22765 (Dell Wyse Management Suite, versions prior to WMS 5.5, contain 
a Missi ...)
+       TODO: check
+CVE-2026-1773 (IEC 60870-5-104: Potential Denial of Service impact on 
reception of in ...)
+       TODO: check
+CVE-2026-1772 (RTU500 web interface: An unprivileged user can read user 
management in ...)
+       TODO: check
+CVE-2026-1768 (A permission cache poisoning vulnerability in Devolutions 
Server allow ...)
+       TODO: check
+CVE-2026-0402 (A post-authentication Out-of-bounds Read vulnerability in 
SonicOS allo ...)
+       TODO: check
+CVE-2026-0401 (A post-authentication NULL Pointer Dereference vulnerability in 
SonicO ...)
+       TODO: check
+CVE-2026-0400 (A post-authentication Format String vulnerability in SonicOS 
allows a  ...)
+       TODO: check
+CVE-2026-0399 (Multiple post-authentication stack-based buffer overflow 
vulnerabiliti ...)
+       TODO: check
+CVE-2025-69985 (FUXA 1.2.8 and prior contains an Authentication Bypass 
vulnerability l ...)
+       TODO: check
+CVE-2025-67445 (TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a 
denial-of-service v ...)
+       TODO: check
+CVE-2025-63409 (Privilege escalation and improper access control in GCOM EPON 
1GE C00R ...)
+       TODO: check
+CVE-2025-62512 (Piwigo is an open source photo gallery application for the 
web. In ver ...)
+       TODO: check
+CVE-2025-47904 (Download of Code Without Integrity Check vulnerability in 
Microchip Ti ...)
+       TODO: check
+CVE-2025-33181 (NVIDIA Cumulus Linux and NVOS products contain a vulnerability 
in the  ...)
+       TODO: check
+CVE-2025-33180 (NVIDIA Cumulus Linux and NVOS products contain a vulnerability 
in the  ...)
+       TODO: check
+CVE-2025-33179 (NVIDIA Cumulus Linux and NVOS products contain a vulnerability 
in the  ...)
+       TODO: check
+CVE-2025-27555 (Airflow versions before 2.11.1 have a vulnerability that 
allows authen ...)
+       TODO: check
+CVE-2025-1789 (Local privilege escalation in Genetec Update Service. An 
authenticated ...)
+       TODO: check
+CVE-2025-1787 (Local admin could to leak information from the Genetec Update 
Service  ...)
+       TODO: check
+CVE-2025-14963 (A vulnerability identified in the Trellix HX Agent driver file 
 fekern ...)
+       TODO: check
+CVE-2025-14577 (Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function 
Injectio ...)
+       TODO: check
+CVE-2025-13776 (Multiple Finka programs use hard-coded Firebird database 
credentials ( ...)
+       TODO: check
+CVE-2025-11165 (A sandbox escape vulnerability exists in dotCMS\u2019s 
Velocity script ...)
+       TODO: check
+CVE-2025-10010 (The CPSD CryptoPro Secure Disk application boots a small Linux 
operati ...)
+       TODO: check
+CVE-2024-56373 (DAG Author (who already has quite a lot of permissions) could 
manipula ...)
+       TODO: check
+CVE-2024-48928 (Piwigo is an open source photo gallery application for the 
web. In ver ...)
+       TODO: check
+CVE-2024-1524 (When the "Silent Just-In-Time Provisioning" feature is enabled 
for a f ...)
+       TODO: check
+CVE-2026-2793 (Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 
140.7, T ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2793
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2793
-CVE-2026-2792
+CVE-2026-2792 (Memory safety bugs present in Firefox ESR 140.7, Thunderbird 
ESR 140.7 ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2792
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2792
-CVE-2026-2807
+CVE-2026-2807 (Memory safety bugs present in Firefox 147 and Thunderbird 147. 
Some of ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2807
-CVE-2026-2791
+CVE-2026-2791 (Mitigation bypass in the Networking: Cache component. This 
vulnerabili ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2791
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2791
-CVE-2026-2790
+CVE-2026-2790 (Same-origin policy bypass in the Networking: JAR component. 
This vulne ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2790
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2790
-CVE-2026-2806
+CVE-2026-2806 (Uninitialized memory in the Graphics: Text component. This 
vulnerabili ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2806
-CVE-2026-2789
+CVE-2026-2789 (Use-after-free in the Graphics: ImageLib component. This 
vulnerability ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2789
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2789
-CVE-2026-2788
+CVE-2026-2788 (Incorrect boundary conditions in the Audio/Video: GMP 
component. This  ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2788
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2788
-CVE-2026-2787
+CVE-2026-2787 (Use-after-free in the DOM: Window and Location component. This 
vulnera ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2787
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2787
-CVE-2026-2805
+CVE-2026-2805 (Invalid pointer in the DOM: Core & HTML component. This 
vulnerability  ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2805
-CVE-2026-2786
+CVE-2026-2786 (Use-after-free in the JavaScript Engine component. This 
vulnerability  ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2786
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2786
-CVE-2026-2804
+CVE-2026-2804 (Use-after-free in the JavaScript: WebAssembly component. This 
vulnerab ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2804
-CVE-2026-2785
+CVE-2026-2785 (Invalid pointer in the JavaScript Engine component. This 
vulnerability ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2785
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2785
-CVE-2026-2784
+CVE-2026-2784 (Mitigation bypass in the DOM: Security component. This 
vulnerability a ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2784
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2784
-CVE-2026-2803
+CVE-2026-2803 (Information disclosure, mitigation bypass in the Settings UI 
component ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2803
-CVE-2026-2802
+CVE-2026-2802 (Race condition in the JavaScript: GC component. This 
vulnerability aff ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2802
-CVE-2026-2783
+CVE-2026-2783 (Information disclosure due to JIT miscompilation in the 
JavaScript Eng ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2783
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2783
-CVE-2026-2782
+CVE-2026-2782 (Privilege escalation in the Netmonitor component. This 
vulnerability a ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2782
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2782
-CVE-2026-2801
+CVE-2026-2801 (Incorrect boundary conditions in the JavaScript: WebAssembly 
component ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2801
-CVE-2026-2781
+CVE-2026-2781 (Integer overflow in the Libraries component in NSS. This 
vulnerability ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2781
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2781
-CVE-2026-2780
+CVE-2026-2780 (Privilege escalation in the Netmonitor component. This 
vulnerability a ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2780
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2780
-CVE-2026-2800
+CVE-2026-2800 (Spoofing issue in the WebAuthn component in Firefox for 
Android. This  ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2800
-CVE-2026-2779
+CVE-2026-2779 (Incorrect boundary conditions in the Networking: JAR component. 
This v ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2779
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2779
-CVE-2026-2778
+CVE-2026-2778 (Sandbox escape due to incorrect boundary conditions in the DOM: 
Core & ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2778
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2778
-CVE-2026-2777
+CVE-2026-2777 (Privilege escalation in the Messaging System component. This 
vulnerabi ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2777
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2777
-CVE-2026-2776
+CVE-2026-2776 (Sandbox escape due to incorrect boundary conditions in the 
Telemetry c ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2776
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2776
-CVE-2026-2775
+CVE-2026-2775 (Mitigation bypass in the DOM: HTML Parser component. This 
vulnerabilit ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2775
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2775
-CVE-2026-2774
+CVE-2026-2774 (Integer overflow in the Audio/Video component. This 
vulnerability affe ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2774
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2774
-CVE-2026-2773
+CVE-2026-2773 (Incorrect boundary conditions in the Web Audio component. This 
vulnera ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2773
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2773
-CVE-2026-2772
+CVE-2026-2772 (Use-after-free in the Audio/Video: Playback component. This 
vulnerabil ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2772
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2772
-CVE-2026-2771
+CVE-2026-2771 (Undefined behavior in the DOM: Core & HTML component. This 
vulnerabili ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2771
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2771
-CVE-2026-2770
+CVE-2026-2770 (Use-after-free in the DOM: Bindings (WebIDL) component. This 
vulnerabi ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2770
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2770
-CVE-2026-2799
+CVE-2026-2799 (Use-after-free in the DOM: Core & HTML component. This 
vulnerability a ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2799
-CVE-2026-2769
+CVE-2026-2769 (Use-after-free in the Storage: IndexedDB component. This 
vulnerability ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2769
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2769
-CVE-2026-2798
+CVE-2026-2798 (Use-after-free in the DOM: Core & HTML component. This 
vulnerability a ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2798
-CVE-2026-2768
+CVE-2026-2768 (Sandbox escape in the Storage: IndexedDB component. This 
vulnerability ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2768
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2768
-CVE-2026-2767
+CVE-2026-2767 (Use-after-free in the JavaScript: WebAssembly component. This 
vulnerab ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2767
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2767
-CVE-2026-2766
+CVE-2026-2766 (Use-after-free in the JavaScript Engine: JIT component. This 
vulnerabi ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2766
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2766
-CVE-2026-2765
+CVE-2026-2765 (Use-after-free in the JavaScript Engine component. This 
vulnerability  ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2765
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2765
-CVE-2026-2797
+CVE-2026-2797 (Use-after-free in the JavaScript: GC component. This 
vulnerability aff ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2797
-CVE-2026-2796
+CVE-2026-2796 (JIT miscompilation in the JavaScript: WebAssembly component. 
This vuln ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2796
-CVE-2026-2764
+CVE-2026-2764 (JIT miscompilation, use-after-free in the JavaScript Engine: 
JIT compo ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2764
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2764
-CVE-2026-2763
+CVE-2026-2763 (Use-after-free in the JavaScript Engine component. This 
vulnerability  ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2763
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2763
-CVE-2026-2762
+CVE-2026-2762 (Integer overflow in the JavaScript: Standard Library component. 
This v ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2762
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2762
-CVE-2026-2761
+CVE-2026-2761 (Sandbox escape in the Graphics: WebRender component. This 
vulnerabilit ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2761
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2761
-CVE-2026-2760
+CVE-2026-2760 (Sandbox escape due to incorrect boundary conditions in the 
Graphics: W ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2760
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2760
-CVE-2026-2795
+CVE-2026-2795 (Use-after-free in the JavaScript: GC component. This 
vulnerability aff ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2795
-CVE-2026-2759
+CVE-2026-2759 (Incorrect boundary conditions in the Graphics: ImageLib 
component. Thi ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2759
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2759
-CVE-2026-2758
+CVE-2026-2758 (Use-after-free in the JavaScript: GC component. This 
vulnerability aff ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2758
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2758
-CVE-2026-2794
+CVE-2026-2794 (Information disclosure due to uninitialized memory in Firefox 
and Fire ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2794
-CVE-2026-2757
+CVE-2026-2757 (Incorrect boundary conditions in the WebRTC: Audio/Video 
component. Th ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2757
@@ -496,7 +644,7 @@ CVE-2026-24314 (Under certain conditions SAP S/4HANA 
(Manage Payment Media) allo
        NOT-FOR-US: SAP
 CVE-2026-23694 (Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin 
versions pr ...)
        NOT-FOR-US: Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin
-CVE-2026-23693 (ElementsKit Lite (elementskit-lite) WordPress plugin versions 
prior to ...)
+CVE-2026-23693 (ElementsKit Elementor Addons \u2013 Advanced Widgets & 
Templates Addon ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-23521 (Versions of the Traccar open-source GPS tracking system up to 
and incl ...)
        NOT-FOR-US: Traccar



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818abb10f08f299787847591abd68a0ee73040c4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818abb10f08f299787847591abd68a0ee73040c4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to