CVE-2026-11852_CVE-2026-11852

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Description

Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.

Basic Information

ID CVE-2026-11852

Source debian

Published Jun 10, 2026 at 09:10

Modified Jun 10, 2026 at 18:51

Affected Product

Vendor Debian

Product debusine

Version 0.2.0

Affected Versions Debian debusine 0.2.0

CWE Classification

CWE-862

References

{
    "lastseen": "",
    "description": "Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.",
    "published": "2026-06-10T09:10:21.401Z",
    "modified": "2026-06-10T18:51:58.197Z",
    "type": "cve",
    "title": "CVE-2026-11852",
    "source": "debian",
    "references": "https://salsa.debian.org/freexian-team/debusine/-/work_items/1499\nhttps://salsa.debian.org/freexian-team/debusine/-/merge_requests/2836\nhttps://salsa.debian.org/freexian-team/debusine/-/commit/98104f46dc546a27a0326d5ef728ac7f426c430a",
    "id": "CVE-2026-11852",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "Debian debusine 0.2.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "debusine",
    "version": "0.2.0",
    "vendor": "Debian",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}