CLEANSTART-2026-QO30809

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-QO30809.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-QO30809
Upstream
  • CVE-2026-25679
  • CVE-2026-27139
  • CVE-2026-27142
  • ghsa-4v7x-pqxf-cx7m
  • ghsa-6v2p-p543-phr9
  • ghsa-qxp5-gwg8-xv66
  • ghsa-vvgc-356p-c3xw
Published
2026-05-18T13:04:16.405944Z
Modified
2026-05-21T10:30:05.919287070Z
Summary
Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-4v7x-pqxf-cx7m, ghsa-6v2p-p543-phr9, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw applied in versions: 0.9.0-r1, 0.9.0-r3
Details

Multiple security vulnerabilities affect the wave-fips package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / wave-fips

Package

Name
wave-fips

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.9.0-r3

Database specific

source 
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-QO30809.json"