From 6dacc522716e4e364fc735138b666f722758d6f1 Mon Sep 17 00:00:00 2001 From: Gareth Jones <3151613+G-Rath@users.noreply.github.com> Date: Mon, 23 Feb 2026 07:16:04 +1300 Subject: [PATCH 1/2] Improve GHSA-3ppc-4f35-3m26 --- .../GHSA-3ppc-4f35-3m26.json | 141 +++++++++++++++++- 1 file changed, 139 insertions(+), 2 deletions(-) diff --git a/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json b/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json index e62b787b379c0..03fe68d5c48e3 100644 --- a/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json +++ b/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-3ppc-4f35-3m26", - "modified": "2026-02-20T16:52:14Z", + "modified": "2026-02-20T16:52:16Z", "published": "2026-02-18T22:38:11Z", "aliases": [ "CVE-2026-26996" @@ -25,7 +25,7 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "0" + "introduced": "10.0.0" }, { "fixed": "10.2.1" @@ -33,6 +33,139 @@ ] } ] + }, + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "9.0.0" + }, + { + "fixed": "9.0.6" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "8.0.0" + }, + { + "fixed": "8.0.5" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "7.0.0" + }, + { + "fixed": "7.4.7" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "6.0.0" + }, + { + "fixed": "6.2.1" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "5.0.0" + }, + { + "fixed": "5.1.7" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "4.0.0" + }, + { + "fixed": "4.2.4" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "minimatch" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "3.0.0" + }, + { + "fixed": "3.1.3" + } + ] + } + ] } ], "references": [ @@ -44,6 +177,10 @@ "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996" }, + { + "type": "WEB", + "url": "https://github.com/isaacs/minimatch/issues/275" + }, { "type": "WEB", "url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5" From ed68bcffe8458421594767e9fc15f75dcb458bb9 Mon Sep 17 00:00:00 2001 From: Gareth Jones <3151613+G-Rath@users.noreply.github.com> Date: Tue, 24 Feb 2026 07:22:15 +1300 Subject: [PATCH 2/2] Improve GHSA-3ppc-4f35-3m26 --- .../2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json b/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json index 03fe68d5c48e3..825bfce5f45a6 100644 --- a/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json +++ b/advisories/github-reviewed/2026/02/GHSA-3ppc-4f35-3m26/GHSA-3ppc-4f35-3m26.json @@ -25,7 +25,7 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "10.0.0" + "introduced": "0" }, { "fixed": "10.2.1" @@ -158,7 +158,7 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "3.0.0" + "introduced": "0" }, { "fixed": "3.1.3"