StackPatch is live — CVE patch ops for indie SaaS, $99 lifetime founder seat (50 only).See product

Back to CVE digest

Package · editorconfig

`editorconfig` CVE matrix across Linux distros

8 CVEs tracked across 8 distro releases. Showing the 8 most-recent fix records.

Ecosystems with tracked fixes

Alpine edgeUbuntu bionicUbuntu focalUbuntu jammyUbuntu nobleUbuntu questingUbuntu resoluteUbuntu xenial

Recent fix records

Each row links to the full per-CVE cross-distro view. Sorted most-recent first.

Ubuntu bionic

Source: Ubuntu USN

CVE-2026-40489→ fixed in0.12.1-1.1ubuntu0.18.04.1~esm3USN-8238-2

Single command to patch all of these:

sudo apt-get install --only-upgrade -y editorconfig

Ubuntu focal

Source: Ubuntu USN

CVE-2026-40489→ fixed in0.12.1-1.1+deb11u1ubuntu0.1~esm1USN-8238-2

Single command to patch all of these:

sudo apt-get install --only-upgrade -y editorconfig

Ubuntu jammy

Source: Ubuntu USN

CVE-2026-40489→ fixed in0.12.5-2ubuntu0.1~esm3USN-8238-2

Single command to patch all of these:

sudo apt-get install --only-upgrade -y editorconfig

Ubuntu xenial

Source: Ubuntu USN

CVE-2026-40489→ fixed in0.12.0-2ubuntu0.1~esm3USN-8238-2

Single command to patch all of these:

sudo apt-get install --only-upgrade -y editorconfig

Ubuntu noble

Source: Ubuntu USN

CVE-2026-40489→ fixed in0.12.7-0.1ubuntu0.1USN-8238-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y editorconfig

Ubuntu questing

Source: Ubuntu USN

CVE-2026-40489→ fixed in0.12.9+~0.17.1-1ubuntu2.1USN-8238-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y editorconfig

Ubuntu resolute

Source: Ubuntu USN

CVE-2026-40489→ fixed in0.12.10+~0.17.1-3ubuntu0.1USN-8238-1

Single command to patch all of these:

sudo apt-get install --only-upgrade -y editorconfig

Alpine edge

Source: Alpine secdb

CVE-2026-40489→ fixed in0.12.11-r0

Single command to patch all of these:

apk add --upgrade editorconfig

Is YOUR editorconfig patched?

5-second check on your actual server. The quickscan reads your installed editorconfig version and matches against the same 8-CVE catalog above.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan Continuous monitoring ($99 lifetime)