notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC		 Ukraine
The recently imposed "must be logged in" restriction is a response to increased bot traffic on the site. This affects search, commits, and vuxml pages.
Search engines are not blocked. Try using "site:www.freshports.org" and your search terms.
Port details
vuxml Vulnerability and eXposure Markup Language DTD
1.1_6 security on this many watch lists=33 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.1_6Version of this port present on the latest quarterly branch.
Maintainer: ports-secteam@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2004-02-12 14:24:23
Last Update: 2026-06-07 09:02:52
Commit Hash: 7657d06
People watching this port, also watch:: gnupg, libxml2, nmap, curl, postfix
Also Listed In: textproc
License: BSD2CLAUSE
WWW:
https://vuxml.freebsd.org/
Description:
VuXML (the Vulnerability and eXposure Markup Language) is an XML application for documenting security bugs and corrections within a software package collection such as the FreeBSD Ports Collection. This port installs the DTDs required for validating VuXML documents.
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
Expand this list (13 items)
Collapse this list.
  1. /usr/local/share/licenses/vuxml-1.1_6/catalog.mk
  2. /usr/local/share/licenses/vuxml-1.1_6/LICENSE
  3. /usr/local/share/licenses/vuxml-1.1_6/BSD2CLAUSE
  4. @xmlcatmgr share/xml/dtd/vuxml/catalog
  5. @xmlcatmgr share/xml/dtd/vuxml/catalog.xml
  6. share/xml/dtd/vuxml/vuxml-10.dtd
  7. share/xml/dtd/vuxml/vuxml-11.dtd
  8. share/xml/dtd/vuxml/vuxml-model-10.mod
  9. share/xml/dtd/vuxml/vuxml-model-11.mod
  10. share/xml/dtd/vuxml/xml1.dcl
  11. @owner
  12. @group
  13. @mode
Collapse this list.
USE_RC_SUBR (Service Scripts)
  • no SUBR information found for this port
Dependency lines:
  • vuxml>0:security/vuxml
To install the port:
cd /usr/ports/security/vuxml/ && make install clean
To add the package, run one of these commands:
  • pkg install security/vuxml
  • pkg install vuxml
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: vuxml
Flavors: there is no flavor information for this port.
distinfo:
SHA256 (vuxml/vuxml-10.dtd) = 6a635ad2cf45f52361c8c2a29a689157fad4d00519045485bc822d34e04a524e SIZE (vuxml/vuxml-10.dtd) = 2986 SHA256 (vuxml/vuxml-model-10.mod) = 051fed00b52bedde8ee901003fc29f7b95cd904157e31ceef34e6b06f2d1a14a

Expand this list (11 items)

Collapse this list.

SIZE (vuxml/vuxml-model-10.mod) = 10599 SHA256 (vuxml/vuxml-11.dtd) = 12b50061d7bb34cecffede2e08d439e4469324376d55aeb7c73eb6aab0f36af1 SIZE (vuxml/vuxml-11.dtd) = 3063 SHA256 (vuxml/vuxml-model-11.mod) = a40777208625a3029c6f416aeeea733f614802a6a5f26035a4e445a09e61a47c SIZE (vuxml/vuxml-model-11.mod) = 13282 SHA256 (vuxml/xml1.dcl) = 343efa94c4e1302e85e08b2d1791d86e50aac1ecdbc3161daecac100e4726847 SIZE (vuxml/xml1.dcl) = 7372 SHA256 (vuxml/catalog) = 479a69cf02995603443fd1f3b5b33f97811670931f87f53be99a727d664abc66 SIZE (vuxml/catalog) = 549 SHA256 (vuxml/catalog.xml) = 7b2e2850f57264eeba0ccd3d1fc161b9d5ce3071ae0ec51b9da7fa956f2a6509 SIZE (vuxml/catalog.xml) = 2150

Collapse this list.

Packages (timestamps in pop-ups are UTC):
vuxml
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.1_61.1_61.1_51.1_61.1_6n/an/an/a
FreeBSD:13:quarterly1.1_61.1_61.1_61.1_61.1_6n/an/an/a
FreeBSD:14:latest1.1_61.1_61.1_61.1_61.1_61.1_6-1.1_6
FreeBSD:14:quarterly1.1_61.1_6-1.1_61.1_61.1_61.1_61.1_6
FreeBSD:15:latest1.1_61.1_6n/a1.1_6n/an/a1.1_61.1_6
FreeBSD:15:quarterly1.1_61.1_6n/a-n/an/a--
FreeBSD:16:latest1.1_61.1_6n/a-n/an/a--
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Runtime dependencies:
  1. xmlcatmgr : textproc/xmlcatmgr
  2. xsltproc : textproc/libxslt
  3. VERSION : textproc/xhtml-modularization
  4. xhtml-basic10.dtd : textproc/xhtml-basic
  5. python3.11 : lang/python311
There are no ports dependent upon this port
Configuration Options:
No options to configure
Options name:
security_vuxml
USES:
python:run
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://www.vuxml.org/dtd/vuxml-1/
Collapse this list.

Number of commits found: 8056 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
1.1_6
07 Jun 2026 09:02:52
commit hash: 7657d0656ac33e76ca33adfbbe2bb649bb294ceecommit hash: 7657d0656ac33e76ca33adfbbe2bb649bb294ceecommit hash: 7657d0656ac33e76ca33adfbbe2bb649bb294ceecommit hash: 7657d0656ac33e76ca33adfbbe2bb649bb294cee files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document WeeChat 4.9.0 vulnerabilities
1.1_6
07 Jun 2026 08:55:11
commit hash: 5dfc8caf3813eae49342e6490ab8a61a2d3ca9d2commit hash: 5dfc8caf3813eae49342e6490ab8a61a2d3ca9d2commit hash: 5dfc8caf3813eae49342e6490ab8a61a2d3ca9d2commit hash: 5dfc8caf3813eae49342e6490ab8a61a2d3ca9d2 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document WeeChat vulnerabilities
1.1_6
06 Jun 2026 05:08:24
commit hash: 9c341050f83e57496929e38ae081966c8aee516bcommit hash: 9c341050f83e57496929e38ae081966c8aee516bcommit hash: 9c341050f83e57496929e38ae081966c8aee516bcommit hash: 9c341050f83e57496929e38ae081966c8aee516b files touched by this commit		 Matthias Fechner (mfechner) search for other commits by this committer 
security/vuxml: document gitlab vulnerabilities
1.1_6
06 Jun 2026 01:23:46
commit hash: 4017ca9200ee982548996faaf8fc14d14761b7a2commit hash: 4017ca9200ee982548996faaf8fc14d14761b7a2commit hash: 4017ca9200ee982548996faaf8fc14d14761b7a2commit hash: 4017ca9200ee982548996faaf8fc14d14761b7a2 files touched by this commit		 Sergey A. Osokin (osa) search for other commits by this committer 
security/vuxml: add CVEs for xorg-server and xwayland

Sponsored by:	tipi.work
1.1_6
04 Jun 2026 21:01:17
commit hash: d336f6df77645f61c9cbdaa595cd71835710fb6ccommit hash: d336f6df77645f61c9cbdaa595cd71835710fb6ccommit hash: d336f6df77645f61c9cbdaa595cd71835710fb6ccommit hash: d336f6df77645f61c9cbdaa595cd71835710fb6c files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Fix nginx entry

PR:		295797
Reported by:	tomas@ciernik.sk and others
1.1_6
04 Jun 2026 18:58:21
commit hash: bdf70f4f413c7991e6516ffea8937ef3337d037bcommit hash: bdf70f4f413c7991e6516ffea8937ef3337d037bcommit hash: bdf70f4f413c7991e6516ffea8937ef3337d037bcommit hash: bdf70f4f413c7991e6516ffea8937ef3337d037b files touched by this commit		 Florian Smeets (flo) search for other commits by this committer 
security/vuxml: Document PowerDNS vulnerabilities
1.1_6
04 Jun 2026 08:15:04
commit hash: cc2732f402639c204940e8e24509d1048310567bcommit hash: cc2732f402639c204940e8e24509d1048310567bcommit hash: cc2732f402639c204940e8e24509d1048310567bcommit hash: cc2732f402639c204940e8e24509d1048310567b files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document Apache DoS vulnerability
1.1_6
04 Jun 2026 00:52:50
commit hash: 226b23044ee7ea8141309e217f14c14c7c3fe02bcommit hash: 226b23044ee7ea8141309e217f14c14c7c3fe02bcommit hash: 226b23044ee7ea8141309e217f14c14c7c3fe02bcommit hash: 226b23044ee7ea8141309e217f14c14c7c3fe02b files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: remove bogus <cvename/> references

ZDI-CAN-* references are not CVEs.  They are internal references from a
security company.  CVEs that don't exist upset the vuxmlbuild.
1.1_6
02 Jun 2026 01:37:15
commit hash: d22150a1acfdda896d0bdf9bcc0449af3cb904eccommit hash: d22150a1acfdda896d0bdf9bcc0449af3cb904eccommit hash: d22150a1acfdda896d0bdf9bcc0449af3cb904eccommit hash: d22150a1acfdda896d0bdf9bcc0449af3cb904ec files touched by this commit		 Sergey A. Osokin (osa) search for other commits by this committer 
security/vuxml: add xwayland vulnerabilities

Sponsored by:	tipi.work
1.1_6
02 Jun 2026 01:21:51
commit hash: 990dcd812e56310b11b7365dc022b9ebd88bd2d1commit hash: 990dcd812e56310b11b7365dc022b9ebd88bd2d1commit hash: 990dcd812e56310b11b7365dc022b9ebd88bd2d1commit hash: 990dcd812e56310b11b7365dc022b9ebd88bd2d1 files touched by this commit		 Sergey A. Osokin (osa) search for other commits by this committer 
security/vuxml: add xorg-server vulnerabilities
1.1_6
02 Jun 2026 01:12:20
commit hash: 36ffcd2e8592410d8bce5038a2f90d15295a0eafcommit hash: 36ffcd2e8592410d8bce5038a2f90d15295a0eafcommit hash: 36ffcd2e8592410d8bce5038a2f90d15295a0eafcommit hash: 36ffcd2e8592410d8bce5038a2f90d15295a0eaf files touched by this commit		 Sergey A. Osokin (osa) search for other commits by this committer 
security/vuxml: fix x11-servers/xorg-server's PORTEPOCH

% make -V PORTEPOCH -f /usr/ports/x11-servers/xorg-server/Makefile
1

Sponsored by:	tipi.work
1.1_6
31 May 2026 16:12:33
commit hash: 5399aa48fb4b8375a795bb9cdc620e9ad31dc02bcommit hash: 5399aa48fb4b8375a795bb9cdc620e9ad31dc02bcommit hash: 5399aa48fb4b8375a795bb9cdc620e9ad31dc02bcommit hash: 5399aa48fb4b8375a795bb9cdc620e9ad31dc02b files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Fix nginx entry

The range seems wrong according to https://nginx.org/en/CHANGES:

Changes with nginx 1.31.1                                        22 May 2026

    *) Security: a heap memory buffer overflow might occur in a worker
       process when using a configuration with overlapping captures in
       ngx_http_rewrite_module, potentially resulting in arbitrary code
       execution (CVE-2026-9256).
       Thanks to Mufeed VH of Winfunc Research.
1.1_6
30 May 2026 12:44:19
commit hash: 5301551513023693b620eba221acea3921add31ccommit hash: 5301551513023693b620eba221acea3921add31ccommit hash: 5301551513023693b620eba221acea3921add31ccommit hash: 5301551513023693b620eba221acea3921add31c files touched by this commit		 Robert Nagy (rnagy) search for other commits by this committer 
security/vuxml: add www/*chromium < 148.0.7778.215

Obtained
from:	https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html
1.1_6
30 May 2026 09:12:34
commit hash: dcd262a7a57158c6f14c2255239b7815c40abdc2commit hash: dcd262a7a57158c6f14c2255239b7815c40abdc2commit hash: dcd262a7a57158c6f14c2255239b7815c40abdc2commit hash: dcd262a7a57158c6f14c2255239b7815c40abdc2 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Add missing PORTEPOCH for many entries

fixes portepoch warnings from `make validate`
While here: fix some whitespace
1.1_6
30 May 2026 08:52:12
commit hash: 7d214142b157920c6d0852f562c046efeef65fd1commit hash: 7d214142b157920c6d0852f562c046efeef65fd1commit hash: 7d214142b157920c6d0852f562c046efeef65fd1commit hash: 7d214142b157920c6d0852f562c046efeef65fd1 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Only MariaDB Cluster vulnerable
1.1_6
30 May 2026 08:43:05
commit hash: 83f9333eeb4239546812c8254ffda8052f3fbe56commit hash: 83f9333eeb4239546812c8254ffda8052f3fbe56commit hash: 83f9333eeb4239546812c8254ffda8052f3fbe56commit hash: 83f9333eeb4239546812c8254ffda8052f3fbe56 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Add missing CVE for MariaDB
1.1_6
29 May 2026 21:33:24
commit hash: 0a0abf3f77d18d9e187406155951539119042535commit hash: 0a0abf3f77d18d9e187406155951539119042535commit hash: 0a0abf3f77d18d9e187406155951539119042535commit hash: 0a0abf3f77d18d9e187406155951539119042535 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add www/gohugo vulnerabilities

 * CVE-2026-39826
 * CVE-2026-39823
1.1_6
29 May 2026 12:58:27
commit hash: ca95ba2993f2c207b352fbe7b1f692f5fe3cf140commit hash: ca95ba2993f2c207b352fbe7b1f692f5fe3cf140commit hash: ca95ba2993f2c207b352fbe7b1f692f5fe3cf140commit hash: ca95ba2993f2c207b352fbe7b1f692f5fe3cf140 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document MariaDB vulnerabilities
1.1_6
28 May 2026 17:33:02
commit hash: 892d517aca30f6ecc3e950ce29628c7dfb49b0e5commit hash: 892d517aca30f6ecc3e950ce29628c7dfb49b0e5commit hash: 892d517aca30f6ecc3e950ce29628c7dfb49b0e5commit hash: 892d517aca30f6ecc3e950ce29628c7dfb49b0e5 files touched by this commit		 Guido Falsi (madpilot) search for other commits by this committer 
security/vuxml: Report mailpit vulnerability
1.1_6
28 May 2026 07:18:13
commit hash: 22b501f5992a8c44318795850818437d461ee578commit hash: 22b501f5992a8c44318795850818437d461ee578commit hash: 22b501f5992a8c44318795850818437d461ee578commit hash: 22b501f5992a8c44318795850818437d461ee578 files touched by this commit		 Jochen Neumeister (joneum) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Add OpenEXR vulnerabilities

PR:	295508
Sponsored by:	Netzkommune GmbH
1.1_6
28 May 2026 05:27:23
commit hash: 64794e974307779e6d74a7f40b3fa36fb488e944commit hash: 64794e974307779e6d74a7f40b3fa36fb488e944commit hash: 64794e974307779e6d74a7f40b3fa36fb488e944commit hash: 64794e974307779e6d74a7f40b3fa36fb488e944 files touched by this commit		 Jimmy Olgeni (olgeni) search for other commits by this committer 
security/vuxml: Document Erlang/OTP TLS/public_key vulnerabilities
1.1_6
26 May 2026 13:06:04
commit hash: 9bfe0d3977bd2e863bf86482ee0e2382d0b90487commit hash: 9bfe0d3977bd2e863bf86482ee0e2382d0b90487commit hash: 9bfe0d3977bd2e863bf86482ee0e2382d0b90487commit hash: 9bfe0d3977bd2e863bf86482ee0e2382d0b90487 files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer
Author: Boris Korzun		 
security/vuxml: Add www/grafana vulnerabilities

- XSS in Grafana Explore stack trace (CVE-2025-41117)
- Public Dashboards time range restriction on annotations can be bypassed
(CVE-2026-21722)
- RCE on Grafana via sqlExpressions (CVE-2026-27876)
- Public dashboards discloses all direct mode datasources (CVE-2026-27877)
- Query resampling can cause unbounded memory allocations (CVE-2026-27879)
- OpenFeature evaluation API reads input data with no bounds (CVE-2026-27880)
- Grafana Testdata datasource can issue unbounded memory allocations
(CVE-2026-28375)
- Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS
(CVE-2026-33375)

PR:		294105
Reported by:	Boris Korzun <drtr0jan@yandex.ru>
1.1_6
26 May 2026 12:01:47
commit hash: bcfad8754e683583ad46269fe30a7f2d228b8714commit hash: bcfad8754e683583ad46269fe30a7f2d228b8714commit hash: bcfad8754e683583ad46269fe30a7f2d228b8714commit hash: bcfad8754e683583ad46269fe30a7f2d228b8714 files touched by this commit		 Michael Gmelin (grembo) search for other commits by this committer 
security/vuxml: Add PORTEPOCH validation

This adds a check if portepoch has been forgotten
in affected version range specifications, which leads
to pkg audit not reporting a vulnerability.

Usage:

    make check-portepoch

This is also invoked when running `make validate`.

Approved by:	fernape (ports-secteam)
Differential Revision:	https://reviews.freebsd.org/D57193
1.1_6
25 May 2026 07:33:17
commit hash: 399058bca85693b3d730c038ec8be135d459a89ccommit hash: 399058bca85693b3d730c038ec8be135d459a89ccommit hash: 399058bca85693b3d730c038ec8be135d459a89ccommit hash: 399058bca85693b3d730c038ec8be135d459a89c files touched by this commit		 Baptiste Daroussin (bapt) search for other commits by this committer 
security/vuxml: document jellyfin < 10.11.10 vulnerabilities

Three security advisories fixed in jellyfin 10.11.10:
- GHSA-f47c-m7gr-q92j
- GHSA-jg92-mrxq-vv75
- GHSA-wwwm-px48-fpvq

References:
https://github.com/jellyfin/jellyfin/security/advisories/GHSA-f47c-m7gr-q92j
https://github.com/jellyfin/jellyfin/security/advisories/GHSA-jg92-mrxq-vv75
https://github.com/jellyfin/jellyfin/security/advisories/GHSA-wwwm-px48-fpvq
https://github.com/jellyfin/jellyfin/releases/tag/v10.11.10
1.1_6
24 May 2026 10:26:09
commit hash: 04fedb284cca18b77e1743e8158976348fad3959commit hash: 04fedb284cca18b77e1743e8158976348fad3959commit hash: 04fedb284cca18b77e1743e8158976348fad3959commit hash: 04fedb284cca18b77e1743e8158976348fad3959 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document Roundcube Webmail vulnerabilities
1.1_6
24 May 2026 08:51:56
commit hash: 68648bc81851fdefd3e7abf14491bceedc7089dfcommit hash: 68648bc81851fdefd3e7abf14491bceedc7089dfcommit hash: 68648bc81851fdefd3e7abf14491bceedc7089dfcommit hash: 68648bc81851fdefd3e7abf14491bceedc7089df files touched by this commit		 Thomas Zander (riggs) search for other commits by this committer 
security/vuxml: Document REST vulnerability in traefik
1.1_6
24 May 2026 07:15:59
commit hash: 17bd36f8448ccb4439f059a3d7ac430ac9b37dc5commit hash: 17bd36f8448ccb4439f059a3d7ac430ac9b37dc5commit hash: 17bd36f8448ccb4439f059a3d7ac430ac9b37dc5commit hash: 17bd36f8448ccb4439f059a3d7ac430ac9b37dc5 files touched by this commit		 Jochen Neumeister (joneum) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Add entry for putty

PR:	295501
Sponsored by:	Netzkommune GmbH
1.1_6
22 May 2026 17:09:55
commit hash: ce3f4f3927f623c30ae24662b6d07b04c9353f4fcommit hash: ce3f4f3927f623c30ae24662b6d07b04c9353f4fcommit hash: ce3f4f3927f623c30ae24662b6d07b04c9353f4fcommit hash: ce3f4f3927f623c30ae24662b6d07b04c9353f4f files touched by this commit		 Jochen Neumeister (joneum) search for other commits by this committer 
security/vuxml: Add entry for NGINX

PR:	295498
Sponsored by:	Netzkommune GmbH
1.1_6
22 May 2026 16:23:25
commit hash: 2e4f790b425e660abc06bc75cf9228489d42953ecommit hash: 2e4f790b425e660abc06bc75cf9228489d42953ecommit hash: 2e4f790b425e660abc06bc75cf9228489d42953ecommit hash: 2e4f790b425e660abc06bc75cf9228489d42953e files touched by this commit		 Jason E. Hale (jhale) search for other commits by this committer 
security/vuxml: Document GStreamer1 < 1.28.3
1.1_6
22 May 2026 16:23:24
commit hash: e992d60d35d59a4ea7ddfa81867d229aa9355c8acommit hash: e992d60d35d59a4ea7ddfa81867d229aa9355c8acommit hash: e992d60d35d59a4ea7ddfa81867d229aa9355c8acommit hash: e992d60d35d59a4ea7ddfa81867d229aa9355c8a files touched by this commit		 Jason E. Hale (jhale) search for other commits by this committer 
security/vuxml: Document GStreamer1 < 1.28.2
1.1_6
21 May 2026 16:21:49
commit hash: 751fe245382ca999319c3a4292149f362d05bf23commit hash: 751fe245382ca999319c3a4292149f362d05bf23commit hash: 751fe245382ca999319c3a4292149f362d05bf23commit hash: 751fe245382ca999319c3a4292149f362d05bf23 files touched by this commit		 Jason E. Hale (jhale) search for other commits by this committer 
security/vuxml: Document www/qt6-webengine < 6.11.1
1.1_6
21 May 2026 09:03:53
commit hash: 94d9b1f01c5fe4244526948cea66ec0e79ba6414commit hash: 94d9b1f01c5fe4244526948cea66ec0e79ba6414commit hash: 94d9b1f01c5fe4244526948cea66ec0e79ba6414commit hash: 94d9b1f01c5fe4244526948cea66ec0e79ba6414 files touched by this commit		 Rodrigo Osorio (rodrigo) search for other commits by this committer 
security/vuxml: Document net/rsync vulnerability

    - CVE-2026-29518
    - CVE-2026-43617
    - CVE-2026-43618
    - CVE-2026-43619
    - CVE-2026-43620
    - CVE-2026-45232
1.1_6
21 May 2026 01:51:29
commit hash: b6498d9e93270513e4deaf53da67485ff1fae3c9commit hash: b6498d9e93270513e4deaf53da67485ff1fae3c9commit hash: b6498d9e93270513e4deaf53da67485ff1fae3c9commit hash: b6498d9e93270513e4deaf53da67485ff1fae3c9 files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: add FreeBSD SAs issued on 2026-05-20

FreeBSD-SA-26:18.setcred affects all supported releases
FreeBSD-SA-26:19.file affects all supported releases
FreeBSD-SA-26:20.fusefs affects all supported releases
FreeBSD-SA-26:21.ptrace affects all supported releases
FreeBSD-SA-26:22.casper affects all supported releases
FreeBSD-SA-26:23.bsdinstall affects all supported releases
FreeBSD-SA-26:24.cap_net affects all supported releases
1.1_6
19 May 2026 19:52:51
commit hash: 8b69d71a5afc2cab7a9fe013a60ac653e60dffb5commit hash: 8b69d71a5afc2cab7a9fe013a60ac653e60dffb5commit hash: 8b69d71a5afc2cab7a9fe013a60ac653e60dffb5commit hash: 8b69d71a5afc2cab7a9fe013a60ac653e60dffb5 files touched by this commit		 Jochen Neumeister (joneum) search for other commits by this committer 
security/vuxml: Document Nginx vulnerabilities

add entry for www/nginx-devel

Sponsored by:	Netzkommune GmbH
1.1_6
19 May 2026 08:52:52
commit hash: c82c148a03ed19dede8ea525bc513397f80027b5commit hash: c82c148a03ed19dede8ea525bc513397f80027b5commit hash: c82c148a03ed19dede8ea525bc513397f80027b5commit hash: c82c148a03ed19dede8ea525bc513397f80027b5 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document MySQL vulnerabilities
1.1_6
19 May 2026 08:12:44
commit hash: 53bd09fab91fa498cbabac668a2e976f2abf98d2commit hash: 53bd09fab91fa498cbabac668a2e976f2abf98d2commit hash: 53bd09fab91fa498cbabac668a2e976f2abf98d2commit hash: 53bd09fab91fa498cbabac668a2e976f2abf98d2 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document MariaDB vulnerabilities
1.1_6
18 May 2026 15:12:20
commit hash: a051aa67a61159d77a0c4b856562b5e5e9af33d3commit hash: a051aa67a61159d77a0c4b856562b5e5e9af33d3commit hash: a051aa67a61159d77a0c4b856562b5e5e9af33d3commit hash: a051aa67a61159d77a0c4b856562b5e5e9af33d3 files touched by this commit		 Ryan Steinmetz (zi) search for other commits by this committer 
security/vuxml: Update affected packages for varnish vuln
1.1_6
18 May 2026 14:43:31
commit hash: 7b63db13ecc1d378b871c113ecfb3d8177d073a8commit hash: 7b63db13ecc1d378b871c113ecfb3d8177d073a8commit hash: 7b63db13ecc1d378b871c113ecfb3d8177d073a8commit hash: 7b63db13ecc1d378b871c113ecfb3d8177d073a8 files touched by this commit		 Ryan Steinmetz (zi) search for other commits by this committer 
security/vuxml: Document varnish/vinyl vulnerability

A deficiency in HTTP/2 request parsing can be exploited to launch a backend
request desync attack (request smuggling), which in turn can be used for cache
poisoning, authentication bypass or possibly even information disclosure and
manipulation.
1.1_6
17 May 2026 20:44:10
commit hash: c758ae56e7463d415a65a19b5399352ce6e64a1bcommit hash: c758ae56e7463d415a65a19b5399352ce6e64a1bcommit hash: c758ae56e7463d415a65a19b5399352ce6e64a1bcommit hash: c758ae56e7463d415a65a19b5399352ce6e64a1b files touched by this commit		 Danilo G. Baio (dbaio) search for other commits by this committer 
security/vuxml: Fix nginx version in the latest entry
1.1_6
14 May 2026 18:33:08
commit hash: c46096fe3704d1c6ad4a844270881554968b2540commit hash: c46096fe3704d1c6ad4a844270881554968b2540commit hash: c46096fe3704d1c6ad4a844270881554968b2540commit hash: c46096fe3704d1c6ad4a844270881554968b2540 files touched by this commit		 Palle Girgensohn (girgen) search for other commits by this committer 
security/vuxml: Add postgreql??-* vulnerabilities

* CVE-2026-6472
* CVE-2026-6473
* CVE-2026-6474
* CVE-2026-6475
* CVE-2026-6476
* CVE-2026-6477
* CVE-2026-6478
* CVE-2026-6479
* CVE-2026-6575
* CVE-2026-6637
* CVE-2026-6638
1.1_6
14 May 2026 14:23:09
commit hash: 78c6cd4184273b95f52f614fa42121048ba55df9commit hash: 78c6cd4184273b95f52f614fa42121048ba55df9commit hash: 78c6cd4184273b95f52f614fa42121048ba55df9commit hash: 78c6cd4184273b95f52f614fa42121048ba55df9 files touched by this commit		 Ryan Steinmetz (zi) search for other commits by this committer 
security/vuxml: Document www/nginx DoS/RCE

PR:		295270
Security:	3414ac89-4f9f-11f1-a1c0-0050569f0b83
1.1_6
14 May 2026 11:47:37
commit hash: c0b77671765e215c90e4adfea3fe73291d74de6acommit hash: c0b77671765e215c90e4adfea3fe73291d74de6acommit hash: c0b77671765e215c90e4adfea3fe73291d74de6acommit hash: c0b77671765e215c90e4adfea3fe73291d74de6a files touched by this commit		 Guido Falsi (madpilot) search for other commits by this committer 
security/vuxml: Document new mail/mailpit vulnerabilities
1.1_6
14 May 2026 10:19:54
commit hash: cc12f45012ff5dd1a78b05648f27039030d59dd0commit hash: cc12f45012ff5dd1a78b05648f27039030d59dd0commit hash: cc12f45012ff5dd1a78b05648f27039030d59dd0commit hash: cc12f45012ff5dd1a78b05648f27039030d59dd0 files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer 
security/vuxml: Update entry for (py-)setuptools CVE-2025-47273

Expand this to our ancient ports to according to upstream report.
Affects devel/py-setuptools44 and devel/py-setuptools58
1.1_6
14 May 2026 09:54:57
commit hash: 680508df7b6afef2e0946653a556df8db30af1fbcommit hash: 680508df7b6afef2e0946653a556df8db30af1fbcommit hash: 680508df7b6afef2e0946653a556df8db30af1fbcommit hash: 680508df7b6afef2e0946653a556df8db30af1fb files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer 
security/vuxml: Add entry for (py-)setuptools CVE-2025-47273

This is almost a one year old CVE
1.1_6
14 May 2026 04:35:18
commit hash: ffbe9430c914b7f32b06f7814558972fa40ea6cccommit hash: ffbe9430c914b7f32b06f7814558972fa40ea6cccommit hash: ffbe9430c914b7f32b06f7814558972fa40ea6cccommit hash: ffbe9430c914b7f32b06f7814558972fa40ea6cc files touched by this commit		 Matthias Fechner (mfechner) search for other commits by this committer 
security/vuxml: document Gitlab vulnerabilities
1.1_6
12 May 2026 23:29:15
commit hash: 894f968898e117b5fbac26f6d8410017f724dff8commit hash: 894f968898e117b5fbac26f6d8410017f724dff8commit hash: 894f968898e117b5fbac26f6d8410017f724dff8commit hash: 894f968898e117b5fbac26f6d8410017f724dff8 files touched by this commit		 Craig Leres (leres) search for other commits by this committer 
security/vuxml: Mark security/zeek < 8.0.8 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v8.0.8

This release fixes the following potential DoS vulnerability:

 - A specially-crafted series of MIME headers sent via SMTP or HTTP
   could cause Zeek to use large amounts of memory and potentially
   crash.

Reported by:	Tim Wojtulewicz
1.1_6
12 May 2026 11:46:31
commit hash: 6d0e297d8350d63465c710cc067d5f9a4a1a37ffcommit hash: 6d0e297d8350d63465c710cc067d5f9a4a1a37ffcommit hash: 6d0e297d8350d63465c710cc067d5f9a4a1a37ffcommit hash: 6d0e297d8350d63465c710cc067d5f9a4a1a37ff files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Add dnsmasq vulnerabilities

 * CVE-2026-2291
 * CVE-2026-4890
 * CVE-2026-4891
 * CVE-2026-4892
 * CVE-2026-4893
 * CVE-2026-5172

PR:	295204
1.1_6
12 May 2026 11:32:54
commit hash: 70439fe0324341515fb83893b4231d280a91ba82commit hash: 70439fe0324341515fb83893b4231d280a91ba82commit hash: 70439fe0324341515fb83893b4231d280a91ba82commit hash: 70439fe0324341515fb83893b4231d280a91ba82 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer
Author: Einar Bjarni Halldórsson		 
security/vuxml: Add prosody vulnerability

CNA:  MITRE
 * Base Score:	7.2 HIGH
 * Vector:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

PR:	295226
1.1_6
11 May 2026 22:09:38
commit hash: 9f22d11e50796885e308d61156253b9c29ffb3f6commit hash: 9f22d11e50796885e308d61156253b9c29ffb3f6commit hash: 9f22d11e50796885e308d61156253b9c29ffb3f6commit hash: 9f22d11e50796885e308d61156253b9c29ffb3f6 files touched by this commit		 Thierry Thomas (thierry) search for other commits by this committer 
security/vuxml: adding an entry for expat

See https://blog.hartwork.org/posts/expat-2-8-1-released/
and https://nvd.nist.gov/vuln/detail/CVE-2026-45186

Security:	CVE-2026-45186
1.1_6
11 May 2026 08:26:05
commit hash: 260dc0d24d4366140452778e0c8c84e7771e1ba0commit hash: 260dc0d24d4366140452778e0c8c84e7771e1ba0commit hash: 260dc0d24d4366140452778e0c8c84e7771e1ba0commit hash: 260dc0d24d4366140452778e0c8c84e7771e1ba0 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Remove warning

Reduce the size of the description in one case.
Nothing can be done for the other one.
1.1_6
11 May 2026 07:16:18
commit hash: 0dc651fe04120318b73d6757e4b26e564ab680e0commit hash: 0dc651fe04120318b73d6757e4b26e564ab680e0commit hash: 0dc651fe04120318b73d6757e4b26e564ab680e0commit hash: 0dc651fe04120318b73d6757e4b26e564ab680e0 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer
Author: Thomas Morper		 
security/vuxml: add CVEs for Prosody advisory 2026-04-29

ChangeLog: https://prosody.im/security/advisory_735dd9d3/

PR:		295127
1.1_6
11 May 2026 03:43:20
commit hash: 24c9096b86b0b3ea89d6299e47d73566355631c9commit hash: 24c9096b86b0b3ea89d6299e47d73566355631c9commit hash: 24c9096b86b0b3ea89d6299e47d73566355631c9commit hash: 24c9096b86b0b3ea89d6299e47d73566355631c9 files touched by this commit		 Bryan Drewery (bdrewery) search for other commits by this committer 
security/vuxml: Document dash entry
1.1_6
09 May 2026 19:12:43
commit hash: de7ba06b0e005d4a4f32758660feb7d0aef129e5commit hash: de7ba06b0e005d4a4f32758660feb7d0aef129e5commit hash: de7ba06b0e005d4a4f32758660feb7d0aef129e5commit hash: de7ba06b0e005d4a4f32758660feb7d0aef129e5 files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Adjust listing for OpenVPN 2.6.20 release

Fixes in 2.7.2 are backported to 2.6.20 release

PR:		294714
Security:	549313db-3e93-11f1-8d38-7fbbe0285610
		CVE-2026-35058
		CVE-2026-40215
1.1_6
08 May 2026 08:28:41
commit hash: c7efe81fa9ed5bdb660c6a5d2d6c4935072b67c0commit hash: c7efe81fa9ed5bdb660c6a5d2d6c4935072b67c0commit hash: c7efe81fa9ed5bdb660c6a5d2d6c4935072b67c0commit hash: c7efe81fa9ed5bdb660c6a5d2d6c4935072b67c0 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add Mozilla vulnerabilities

 * CVE-2026-8090
 * CVE-2026-8091
 * CVE-2026-8092
 * CVE-2026-8093
 * CVE-2026-8094
1.1_6
08 May 2026 06:26:06
commit hash: 2adcf0ad8ab17e474893e10ecb7dc0c51213a70bcommit hash: 2adcf0ad8ab17e474893e10ecb7dc0c51213a70bcommit hash: 2adcf0ad8ab17e474893e10ecb7dc0c51213a70bcommit hash: 2adcf0ad8ab17e474893e10ecb7dc0c51213a70b files touched by this commit		 Robert Nagy (rnagy) search for other commits by this committer 
security/vuxml: add www/*chromium < 148.0.7778.96

Obtained
from:	https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html
1.1_6
07 May 2026 09:58:41
commit hash: 646e75df22fac124c6cdc76ff3dbbf228687aaf6commit hash: 646e75df22fac124c6cdc76ff3dbbf228687aaf6commit hash: 646e75df22fac124c6cdc76ff3dbbf228687aaf6commit hash: 646e75df22fac124c6cdc76ff3dbbf228687aaf6 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add mongodb vulnerabilities

CVE-2026-6914
	Base Score:	7.5 HIGH
	Vector:		CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

 CVE-2026-6915
	Base Score:	4.3 MEDIUM
	Vector:		CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1.1_6
05 May 2026 16:06:23
commit hash: 8a08f2af94b35486a39daac01a56d6a85a7c8f62commit hash: 8a08f2af94b35486a39daac01a56d6a85a7c8f62commit hash: 8a08f2af94b35486a39daac01a56d6a85a7c8f62commit hash: 8a08f2af94b35486a39daac01a56d6a85a7c8f62 files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer 
security/vuxml: Add devel/ocaml-opam (CVE-2026-41082)

Reviewed by:	osa, vvd (mentors)
Approved by:	vvd (co-mentor)
Differential Revision: https://reviews.freebsd.org/D56834
1.1_6
05 May 2026 10:16:59
commit hash: 4b66c3976a94dab8d1f0611bfe77a62cfbe4ee08commit hash: 4b66c3976a94dab8d1f0611bfe77a62cfbe4ee08commit hash: 4b66c3976a94dab8d1f0611bfe77a62cfbe4ee08commit hash: 4b66c3976a94dab8d1f0611bfe77a62cfbe4ee08 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document Apache httpd vulnerabilities
1.1_6
04 May 2026 16:51:04
commit hash: 957b9a9920d3e54e25809f7f77ab35cef1d24996commit hash: 957b9a9920d3e54e25809f7f77ab35cef1d24996commit hash: 957b9a9920d3e54e25809f7f77ab35cef1d24996commit hash: 957b9a9920d3e54e25809f7f77ab35cef1d24996 files touched by this commit		 Jochen Neumeister (joneum) search for other commits by this committer 
security/vuxml: Add modsecurity3 vulnerabilities

Document CVE-2026-42268 and CVE-2026-30923 in modsecurity3
before 3.0.15.

PR:	294932
Sponsored by:	Netzkommune GmbH
1.1_6
03 May 2026 16:38:09
commit hash: 7807b4a986e3c6dcf80512ff267cbef54950205acommit hash: 7807b4a986e3c6dcf80512ff267cbef54950205acommit hash: 7807b4a986e3c6dcf80512ff267cbef54950205acommit hash: 7807b4a986e3c6dcf80512ff267cbef54950205a files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add Mozilla vulnerability

CVE-2026-7323

NIST: NVD Base Score:	N/A

ADP:  CISA-ADP
Base Score:	7.3 HIGH
Vector:  	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1.1_6
02 May 2026 11:30:17
commit hash: cac0111256df5555ecc7d3a471a4e27d26cd11cfcommit hash: cac0111256df5555ecc7d3a471a4e27d26cd11cfcommit hash: cac0111256df5555ecc7d3a471a4e27d26cd11cfcommit hash: cac0111256df5555ecc7d3a471a4e27d26cd11cf files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer
Author: Thomas Morper		 
security/vuxml: add Prosody XMPP server advisory 2026-04-29

CVEs requested but not received yet.

PR:             294898
Reported by:    Thomas Morper <twm@pdp11.pw> (maintainer),
		Max Hearnden (security)
Approved by:    vvd (co-mentor, implicit)
URL:            https://prosody.im/security/advisory_735dd9d3/
Security:       a420f545-442c-11f1-b9b5-589cfc0dc9a2
1.1_6
01 May 2026 14:28:31
commit hash: bdc7494345e18ed504ef080a45089b15cacd5385commit hash: bdc7494345e18ed504ef080a45089b15cacd5385commit hash: bdc7494345e18ed504ef080a45089b15cacd5385commit hash: bdc7494345e18ed504ef080a45089b15cacd5385 files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer 
security/vuxml: add textproc/p5-Text-CSV_XS

Reported by:	H.Merijn Brand - Tux <linux@tux.freedom.nl>
Security:	CVE-2026-7111
Reviewed by:	osa, vvd (mentors)
Approved by:	osa (mentor)
Differential Revision: https://reviews.freebsd.org/D56749
1.1_6
01 May 2026 08:34:04
commit hash: 72fbe0877ecf3dc8c018de9fa7151ab6d3e45a65commit hash: 72fbe0877ecf3dc8c018de9fa7151ab6d3e45a65commit hash: 72fbe0877ecf3dc8c018de9fa7151ab6d3e45a65commit hash: 72fbe0877ecf3dc8c018de9fa7151ab6d3e45a65 files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Document openexr < 3.4.11 vulnerabilities

Multiple vulnerabilities

PR:		294882
Security:	787cde46-4424-11f1-943f-05b19d100dca
		CVE-2026-42217
		CVE-2026-42216
		CVE-2026-41142
1.1_6
30 Apr 2026 01:53:45
commit hash: c75e227a2e799703abd67309d959fac3a4ad6ce9commit hash: c75e227a2e799703abd67309d959fac3a4ad6ce9commit hash: c75e227a2e799703abd67309d959fac3a4ad6ce9commit hash: c75e227a2e799703abd67309d959fac3a4ad6ce9 files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: correct a typo in SA-26:12.dhclient entry

A trailing space crept into the <topic/> before m previous commit.

Fixes:		0821906582e8 security/vuxml: add FreeBSD SAs issued on 2026-04-29
Pointy hat to:	philip
1.1_6
30 Apr 2026 01:43:58
commit hash: 0821906582e8c600f537b8e6d74c60ac9babdbf4commit hash: 0821906582e8c600f537b8e6d74c60ac9babdbf4commit hash: 0821906582e8c600f537b8e6d74c60ac9babdbf4commit hash: 0821906582e8c600f537b8e6d74c60ac9babdbf4 files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: add FreeBSD SAs issued on 2026-04-29

FreeBSD-SA-26:12.dhclient affects all supported releases
FreeBSD-SA-26:13.exec affects all supported releases
FreeBSD-SA-26:14.pf affects all supported releases
FreeBSD-SA-26:15.dhclient affects all supported releases
FreeBSD-SA-26:16.libnv affects all supported releases
FreeBSD-SA-26:17.libnv affects all supported releases
1.1_6
29 Apr 2026 15:01:56
commit hash: 32bc1f34625a622e8fce34da4e94ac8ed30e5ddacommit hash: 32bc1f34625a622e8fce34da4e94ac8ed30e5ddacommit hash: 32bc1f34625a622e8fce34da4e94ac8ed30e5ddacommit hash: 32bc1f34625a622e8fce34da4e94ac8ed30e5dda files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add Mozilla vulnerabilities

 * CVE-2026-6786
 * CVE-2026-6785
 * CVE-2026-6784
 * CVE-2026-6783
 * CVE-2026-6782
 * CVE-2026-6781
 * CVE-2026-6780
 * CVE-2026-6779
 * CVE-2026-6778
 * CVE-2026-6777
 * CVE-2026-6776
 * CVE-2026-6775
 * CVE-2026-6774
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.1_6
27 Apr 2026 21:20:46
commit hash: 4ede684840cdf6bb152ae298db9780375ebc5345commit hash: 4ede684840cdf6bb152ae298db9780375ebc5345commit hash: 4ede684840cdf6bb152ae298db9780375ebc5345commit hash: 4ede684840cdf6bb152ae298db9780375ebc5345 files touched by this commit		 Kousuke Kannagi (mce) search for other commits by this committer 
security/vuxml: Add libXpm vulnerability

PR:		293154
Approved by:	osa (mentor)
1.1_6
26 Apr 2026 10:14:34
commit hash: 568e884ccf0fed1523e4f287b5056cdebd4da33acommit hash: 568e884ccf0fed1523e4f287b5056cdebd4da33acommit hash: 568e884ccf0fed1523e4f287b5056cdebd4da33acommit hash: 568e884ccf0fed1523e4f287b5056cdebd4da33a files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer 
security/vuxml: Add entry for (lib)expat CVE-2026-41080

(lib)expat before 2.8.0 uses insufficient entropy, and thus hash
flooding can occur via a crafted XML document

PR:		294769
1.1_6
26 Apr 2026 09:57:38
commit hash: 5e13c27cbe1ab326622afa1bb7790faa9ba41eeccommit hash: 5e13c27cbe1ab326622afa1bb7790faa9ba41eeccommit hash: 5e13c27cbe1ab326622afa1bb7790faa9ba41eeccommit hash: 5e13c27cbe1ab326622afa1bb7790faa9ba41eec files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer 
security/vuxml: Add entry for lcms2 CVE-2026-41254

Integer overflow
1.1_6
25 Apr 2026 14:33:31
commit hash: af4d9585ba58d491ff3166637f63769766eafd77commit hash: af4d9585ba58d491ff3166637f63769766eafd77commit hash: af4d9585ba58d491ff3166637f63769766eafd77commit hash: af4d9585ba58d491ff3166637f63769766eafd77 files touched by this commit		 Olivier Cochard (olivier) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: add OpenVPN < 2.7.2 vulns

Security:       549313db-3e93-11f1-8d38-7fbbe0285610
Security:       CVE-2026-35058
Security:       CVE-2026-40215
PR:		294714
1.1_6
23 Apr 2026 04:39:53
commit hash: 94630ac205b54e1ef18f1be6b739f5a8a6c50f31commit hash: 94630ac205b54e1ef18f1be6b739f5a8a6c50f31commit hash: 94630ac205b54e1ef18f1be6b739f5a8a6c50f31commit hash: 94630ac205b54e1ef18f1be6b739f5a8a6c50f31 files touched by this commit		 Matthias Fechner (mfechner) search for other commits by this committer 
security/vuxml: document gitlab vulnerabilities
1.1_6
22 Apr 2026 02:10:52
commit hash: f043ed3ac1477aba3bbabf6ae3dbf3e304a30c50commit hash: f043ed3ac1477aba3bbabf6ae3dbf3e304a30c50commit hash: f043ed3ac1477aba3bbabf6ae3dbf3e304a30c50commit hash: f043ed3ac1477aba3bbabf6ae3dbf3e304a30c50 files touched by this commit		 Philip Paeps (philip) search for other commits by this committer 
security/vuxml: add FreeBSD SAs issued on 2026-04-21

FreeBSD-SA-26:10.vm affects all supported releases
FreeBSD-SA-26:11.amd64 affects all supported releases
1.1_6
21 Apr 2026 15:13:03
commit hash: 21e26919cb9131fe353224172b51f7cee92a94bfcommit hash: 21e26919cb9131fe353224172b51f7cee92a94bfcommit hash: 21e26919cb9131fe353224172b51f7cee92a94bfcommit hash: 21e26919cb9131fe353224172b51f7cee92a94bf files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add Mozilla vulnerability

 * Base Score:  9.8 CRITICAL
 * Vector:  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1_6
21 Apr 2026 11:40:59
commit hash: 1ff7aec950f35c95d22c6459459578635f0b7b9acommit hash: 1ff7aec950f35c95d22c6459459578635f0b7b9acommit hash: 1ff7aec950f35c95d22c6459459578635f0b7b9acommit hash: 1ff7aec950f35c95d22c6459459578635f0b7b9a files touched by this commit		 Ashish SHUKLA (ashish) search for other commits by this committer 
security/vuxml: Document ejabberd vulnerability
1.1_6
20 Apr 2026 17:13:17
commit hash: 039d0a9ca8071483329e75139016070c19afd121commit hash: 039d0a9ca8071483329e75139016070c19afd121commit hash: 039d0a9ca8071483329e75139016070c19afd121commit hash: 039d0a9ca8071483329e75139016070c19afd121 files touched by this commit		 Craig Leres (leres) search for other commits by this committer 
security/vuxml: Mark security/zeek < 8.0.7 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v8.0.7

This release fixes the following potential DoS vulnerabilities:

 - A series of DNS messages containing long DNS compression chains
   can cause Zeek to spend a long time processing packets and
   potentially crash. Due to the fact that these packets can be
   received from remote hosts, this is a DoS risk.

 - A specially-crafted LDAP search request can cause Zeek to spend
   a long time processing the packet, resulting in Zeek silently
   dropping the LDAP analyzer for the connection. Due to the fact
   that these packets can be received from remote hosts, this is
   an evasion risk.

 - A specially-crafted series of ASN.1 messages in LDAP packets can
   cause Zeek to spend a long time processing the packets, resulting
   in Zeek silently dropping the LDAP analyzer for the connection.
   Due to the fact that these packets can be received from remote
   hosts, this is an evasion risk.

Reported by:	Tim Wojtulewicz
1.1_6
19 Apr 2026 18:33:11
commit hash: 45e6a1dc9a123ff69d36505e14c18eb1c46a3b1dcommit hash: 45e6a1dc9a123ff69d36505e14c18eb1c46a3b1dcommit hash: 45e6a1dc9a123ff69d36505e14c18eb1c46a3b1dcommit hash: 45e6a1dc9a123ff69d36505e14c18eb1c46a3b1d files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Add entry for OpenEXR vulnerabilities < 3.4.10

Multiple integer overflow issues

Obtained from:	GitHub repo
Security:	CVE-2026-39886
		CVE-2026-40244
		CVE-2026-40250
1.1_6
18 Apr 2026 23:44:37
commit hash: e57b4ffdac1b7edf78841e6d4b9dbd990e35aeb5commit hash: e57b4ffdac1b7edf78841e6d4b9dbd990e35aeb5commit hash: e57b4ffdac1b7edf78841e6d4b9dbd990e35aeb5commit hash: e57b4ffdac1b7edf78841e6d4b9dbd990e35aeb5 files touched by this commit		 Koichiro Iwao (meta) search for other commits by this committer 
security/vuxml: Document multiple xrdp vulnerability
1.1_6
17 Apr 2026 12:21:33
commit hash: f668526aa6c8f5bbdab90d017447ae216a8ca2e8commit hash: f668526aa6c8f5bbdab90d017447ae216a8ca2e8commit hash: f668526aa6c8f5bbdab90d017447ae216a8ca2e8commit hash: f668526aa6c8f5bbdab90d017447ae216a8ca2e8 files touched by this commit		 Kai Knoblich (kai) search for other commits by this committer 
security/vuxml: Document py-strawberry-graphql security issues

* CVE-2026-35523 - 7.5
* CVE-2026-35526 - 7.5
1.1_6
17 Apr 2026 06:30:15
commit hash: 91adf3252398f6feb2d91eb1e7a45f7f51c36bd3commit hash: 91adf3252398f6feb2d91eb1e7a45f7f51c36bd3commit hash: 91adf3252398f6feb2d91eb1e7a45f7f51c36bd3commit hash: 91adf3252398f6feb2d91eb1e7a45f7f51c36bd3 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add Mozilla vulnerability

CVE-2026-5731
	Base Score:	9.8 CRITICAL
	Vector:		CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1_6
16 Apr 2026 21:38:32
commit hash: 97f22e47abbca9561ddab83242f205ef2046fc24commit hash: 97f22e47abbca9561ddab83242f205ef2046fc24commit hash: 97f22e47abbca9561ddab83242f205ef2046fc24commit hash: 97f22e47abbca9561ddab83242f205ef2046fc24 files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Add entry for Python CVE-2026-4786

Incomplete mitigation of CVE-2026-4519,
%action expansion for command injection to webbrowser.open()

Obtained from:	GitHub repo
Security:	CVE-2026-4786
		cf75f572-378a-11f1-a119-e36228bfe7d4
1.1_6
16 Apr 2026 21:38:32
commit hash: 22584e71f43f5a2b074284c2122eda58440080facommit hash: 22584e71f43f5a2b074284c2122eda58440080facommit hash: 22584e71f43f5a2b074284c2122eda58440080facommit hash: 22584e71f43f5a2b074284c2122eda58440080fa files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Add entry for Python CVE-2026-6100

Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor
and gzip.GzipFile

Obtained from:	GitHub repo
Security:	b8e9f33c-375d-11f1-a119-e36228bfe7d4
		CVE-2026-6100
1.1_6
16 Apr 2026 15:06:13
commit hash: 4abd8b03fba6c6780d1076e483bfba0692435d44commit hash: 4abd8b03fba6c6780d1076e483bfba0692435d44commit hash: 4abd8b03fba6c6780d1076e483bfba0692435d44commit hash: 4abd8b03fba6c6780d1076e483bfba0692435d44 files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer 
security/vuxml: Add go-ethereum vulnerabilities

PR:		293829
Approved by:	vvd (co-mentor)
1.1_6
16 Apr 2026 08:14:59
commit hash: ce139189ea2d68120d0b53c55f0446bdc2a843e7commit hash: ce139189ea2d68120d0b53c55f0446bdc2a843e7commit hash: ce139189ea2d68120d0b53c55f0446bdc2a843e7commit hash: ce139189ea2d68120d0b53c55f0446bdc2a843e7 files touched by this commit		 Robert Nagy (rnagy) search for other commits by this committer 
security/vuxml: add www/*chromium < 147.0.7727.101

Obtained
from:	https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
1.1_6
15 Apr 2026 13:18:48
commit hash: f60266f2a44f84b82f33178ebca8b3a5c05f89ebcommit hash: f60266f2a44f84b82f33178ebca8b3a5c05f89ebcommit hash: f60266f2a44f84b82f33178ebca8b3a5c05f89ebcommit hash: f60266f2a44f84b82f33178ebca8b3a5c05f89eb files touched by this commit		 Baptiste Daroussin (bapt) search for other commits by this committer 
security/vuxml: fix php composer declaration to respect the DTD
1.1_6
14 Apr 2026 19:11:34
commit hash: 8721ecd01fcee2d6177189f7196919ca4dc3500bcommit hash: 8721ecd01fcee2d6177189f7196919ca4dc3500bcommit hash: 8721ecd01fcee2d6177189f7196919ca4dc3500bcommit hash: 8721ecd01fcee2d6177189f7196919ca4dc3500b files touched by this commit		 Guido Falsi (madpilot) search for other commits by this committer 
security/vuxml: Document php-composer vulnerabilities

Reference: https://github.com/composer/composer/releases/tag/2.9.6

PR:		294528
1.1_6
14 Apr 2026 15:19:15
commit hash: e5b03a1fd0cd431d4d0299d495106449ddbbf427commit hash: e5b03a1fd0cd431d4d0299d495106449ddbbf427commit hash: e5b03a1fd0cd431d4d0299d495106449ddbbf427commit hash: e5b03a1fd0cd431d4d0299d495106449ddbbf427 files touched by this commit		 Sergey A. Osokin (osa) search for other commits by this committer 
security/vuxml: document xwayland vulnerabilities

Sponsored by:	tipi.work
1.1_6
14 Apr 2026 15:15:36
commit hash: 9cb7ae3b639727037c7d142e33ab587ffabc499dcommit hash: 9cb7ae3b639727037c7d142e33ab587ffabc499dcommit hash: 9cb7ae3b639727037c7d142e33ab587ffabc499dcommit hash: 9cb7ae3b639727037c7d142e33ab587ffabc499d files touched by this commit		 Sergey A. Osokin (osa) search for other commits by this committer 
security/vuxml: document xorg-server vulnerabilities

Sponsored by:	tipi.work
1.1_6
12 Apr 2026 19:00:46
commit hash: 7161d76c68c7626bd601d2cb4f595dc2ea7e90adcommit hash: 7161d76c68c7626bd601d2cb4f595dc2ea7e90adcommit hash: 7161d76c68c7626bd601d2cb4f595dc2ea7e90adcommit hash: 7161d76c68c7626bd601d2cb4f595dc2ea7e90ad files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document Vaultwarden vulnerabilities
1.1_6
12 Apr 2026 18:35:01
commit hash: 8575855cbba0c7b933aaa7edd1825937b97efad8commit hash: 8575855cbba0c7b933aaa7edd1825937b97efad8commit hash: 8575855cbba0c7b933aaa7edd1825937b97efad8commit hash: 8575855cbba0c7b933aaa7edd1825937b97efad8 files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Add entries for Python CVE-2026-1502 and gh-146333

PR:		294324
Security:	CVE-2026-1502
		/ 30bda1c3-369b-11f1-b51c-6dd25bec137b

Security:	5ec4dcf6-3588-11f1-b51c-6dd25bec137b
1.1_6
12 Apr 2026 17:47:23
commit hash: 2eb75c6b2fcda3388f5430625d025fbbddb04d4dcommit hash: 2eb75c6b2fcda3388f5430625d025fbbddb04d4dcommit hash: 2eb75c6b2fcda3388f5430625d025fbbddb04d4dcommit hash: 2eb75c6b2fcda3388f5430625d025fbbddb04d4d files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer
Author: Matthias Andree		 
security/vuxml: Update entry for Python CVE-2026-4519

Fixed in 3.14.4

PR:		294324
Security:	9fdad262-2e0f-11f1-88c7-00a098b42aeb
		/ CVE-2026-4519
1.1_6
11 Apr 2026 19:21:44
commit hash: 6d75089f5ea9ac4957a87e53bfde5b8da6bd3145commit hash: 6d75089f5ea9ac4957a87e53bfde5b8da6bd3145commit hash: 6d75089f5ea9ac4957a87e53bfde5b8da6bd3145commit hash: 6d75089f5ea9ac4957a87e53bfde5b8da6bd3145 files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer 
security/vuxml: Add py-ormar vulnerabilities

PR:		294382
Approved by:	osa (mentor)
1.1_6
11 Apr 2026 08:26:02
commit hash: 90b45b864acbfaf6894b5aae894f5efe9d2a3a99commit hash: 90b45b864acbfaf6894b5aae894f5efe9d2a3a99commit hash: 90b45b864acbfaf6894b5aae894f5efe9d2a3a99commit hash: 90b45b864acbfaf6894b5aae894f5efe9d2a3a99 files touched by this commit		 Daniel Engberg (diizzy) search for other commits by this committer 
security/vuxml: Document (lib)tiff vulnerability

Document CVE-2026-4775
1.1_6
10 Apr 2026 20:20:08
commit hash: 050b652ec0a002f88a1373b816ef2b7d7b53756bcommit hash: 050b652ec0a002f88a1373b816ef2b7d7b53756bcommit hash: 050b652ec0a002f88a1373b816ef2b7d7b53756bcommit hash: 050b652ec0a002f88a1373b816ef2b7d7b53756b files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer 
security/vuxml: Add DNSdist vulnerabilities

PR:		294225
Approved by:	osa (mentor)
1.1_6
10 Apr 2026 16:39:52
commit hash: 1a38d8fb7aefaafa50ce7f39a7de7b721785c2abcommit hash: 1a38d8fb7aefaafa50ce7f39a7de7b721785c2abcommit hash: 1a38d8fb7aefaafa50ce7f39a7de7b721785c2abcommit hash: 1a38d8fb7aefaafa50ce7f39a7de7b721785c2ab files touched by this commit		 Yusuf Yaman (nxjoseph) search for other commits by this committer 
security/vuxml: Add MbedTLS vulnerabilities

Reviewed by:	osa, vvd (mentors)
Approved by:	osa (mentor)
Differential Revision: https://reviews.freebsd.org/D56344
1.1_6
10 Apr 2026 07:01:33
commit hash: b37836a814e0de25a297e6b0618f1e68b308e1e0commit hash: b37836a814e0de25a297e6b0618f1e68b308e1e0commit hash: b37836a814e0de25a297e6b0618f1e68b308e1e0commit hash: b37836a814e0de25a297e6b0618f1e68b308e1e0 files touched by this commit		 Robert Nagy (rnagy) search for other commits by this committer 
security/vuxml: add www/*chromium < 147.0.7727.55

Obtained
from:	https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html
1.1_6
09 Apr 2026 10:26:08
commit hash: bf8e91afef8324443fe56ec3b9ed250cc2f2eb12commit hash: bf8e91afef8324443fe56ec3b9ed250cc2f2eb12commit hash: bf8e91afef8324443fe56ec3b9ed250cc2f2eb12commit hash: bf8e91afef8324443fe56ec3b9ed250cc2f2eb12 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add Mozilla vulnerabilities

 * CVE-2026-5732:	NVD assessment not yet provided
 * CVE-2026-5733:	NVD assessment not yet provided
 * CVE-2026-5734:	Base Score:  9.8 CRITICAL
			Vector:  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 * CVE-2026-5734:	Base Score:  9.8 CRITICAL
			Vector:  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1_6
09 Apr 2026 06:13:41
commit hash: 46a9025aee5d6862bebaf112346803a9e758fc75commit hash: 46a9025aee5d6862bebaf112346803a9e758fc75commit hash: 46a9025aee5d6862bebaf112346803a9e758fc75commit hash: 46a9025aee5d6862bebaf112346803a9e758fc75 files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Update URL in latest OpenSSL vulns
1.1_6
09 Apr 2026 04:35:00
commit hash: 3577d03d12d77d49068a8d4dda511e85de119e5acommit hash: 3577d03d12d77d49068a8d4dda511e85de119e5acommit hash: 3577d03d12d77d49068a8d4dda511e85de119e5acommit hash: 3577d03d12d77d49068a8d4dda511e85de119e5a files touched by this commit		 Matthias Fechner (mfechner) search for other commits by this committer 
security/vuxml: document gitlab vulnerabilities
1.1_6
07 Apr 2026 18:12:42
commit hash: 7146c222ed53fb47713d33e5b1823d2e7de76a0ecommit hash: 7146c222ed53fb47713d33e5b1823d2e7de76a0ecommit hash: 7146c222ed53fb47713d33e5b1823d2e7de76a0ecommit hash: 7146c222ed53fb47713d33e5b1823d2e7de76a0e files touched by this commit		 Bernard Spil (brnrd) search for other commits by this committer 
security/vuxml: Document OpenSSL vulnerabilities
1.1_6
05 Apr 2026 11:54:26
commit hash: f2b8dcc5bc953e4ae50853ea2eab0d812d7f8fb7commit hash: f2b8dcc5bc953e4ae50853ea2eab0d812d7f8fb7commit hash: f2b8dcc5bc953e4ae50853ea2eab0d812d7f8fb7commit hash: f2b8dcc5bc953e4ae50853ea2eab0d812d7f8fb7 files touched by this commit		 Fernando Apesteguía (fernape) search for other commits by this committer 
security/vuxml: Add {lib}nghttp2 vulneability

CVE-2026-27135

Base Score:	7.5 HIGH
Vector:		CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Number of commits found: 8056 (showing only 100 on this page)

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11  »  [Last Page]
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
Security Policy
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
mariadb1011-server*Jun 30
mariadb106-server*Jun 30
mariadb114-server*Jun 30
mariadb118-server*Jun 30
weechatJun 07
weechatJun 07
gitlabJun 06
apache24Jun 04
powerdnsJun 04
xorg-serverJun 01
xwaylandJun 01
chromiumMay 30
ungoogled-chromiumMay 30
gohugoMay 29
erlangMay 28

26 vulnerabilities affecting 291 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last processed:
2026-06-07 09:04:06 UTC


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)

Calculated hourly:
Port count 34565
Broken 101
Deprecated 318
Ignore 215
Forbidden 0
Restricted 1
No CDROM 1
Vulnerable 40
Expired 15
Set to expire 251
Interactive 0
new 24 hours 3
new 48 hours5
new 7 days21
new fortnight74
new month140
Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD 		Valid HTML, CSS, and RSS. Copyright © 2000-2026 Dan Langille. All rights reserved.