CLEANSTART-2026-NJ50569

See a problem?

Import Source

https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-NJ50569.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-NJ50569

Upstream

CVE-2026-34986

ghsa-78h2-9frx-2jm8

Published

2026-06-08T13:11:16.403711Z

Modified

2026-06-22T09:45:15.386027077Z

Summary

Security fixes for CVE-2026-34986, ghsa-78h2-9frx-2jm8 applied in versions: 0.48.1-r0

Details

Multiple security vulnerabilities affect the melange package. These issues are resolved in later releases. See references for individual vulnerability details.

References

https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NJ50569.json
https://osv.dev/vulnerability/CVE-2026-34986
https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8
https://nvd.nist.gov/vuln/detail/CVE-2026-34986

Affected packages

CleanStart / melange

Package

Name: melange

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.48.1-r0

Database specific

source

"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-NJ50569.json"