CVE Catalog

CVE-2026-11852

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

8th percentile — higher than 8% of all known CVEs

Summary

Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.

Risk Assessment

The lack of permission checks may lead to unauthorized access to artifacts, posing a risk of data manipulation or deletion by unauthorized individuals.

Recommendation

It is recommended to implement appropriate permission checks for endpoints that create and delete relationships between artifacts to secure data access.

Original NVD description (English source)

Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS