CVE-2026-11852
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.
Risk Assessment
The lack of permission checks may lead to unauthorized access to artifacts, posing a risk of data manipulation or deletion by unauthorized individuals.
Recommendation
It is recommended to implement appropriate permission checks for endpoints that create and delete relationships between artifacts to secure data access.
Original NVD description (English source)
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in question.

