Hi, It may be known already but https://security-tracker.debian.org/tracker/source-package/sqlite3 doesn't contain its vulnerability information. Tencent Blade Team released a security advisory about "Magellan" bug in sqlite, that was fixed in upstream 3.26.0. See https://blade.tencent.com/magellan/index_en.html CVE is not assigned yet, but we should track and try to fix it. -- Hideki Yamane <henrich@iijmio-mail.jp>