CVE-2026-11852

EUVD-2026-35998
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Debian logo
Debian Releases
Debian Product
Codename
debusine
forky
0.14.9
fixed
sid
0.14.9
fixed
trixie
no-dsa
Common Weakness Enumeration
References
https://salsa.debian.org/freexian-team/debusine/-/commit/98104f46dc546a27a0326d5ef728ac7f426c430a
https://salsa.debian.org/freexian-team/debusine/-/merge_requests/2836
https://salsa.debian.org/freexian-team/debusine/-/work_items/1499