Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
44b65125 by Moritz Muehlenhoff at 2026-01-14T09:42:39+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
CVE-2026-23478 (Cal.com is open-source scheduling software. From 3.1.6 to
before 6.0.7 ...)
- TODO: check
+ NOT-FOR-US: Cal.com
CVE-2026-22871 (GuardDog is a CLI tool to identify malicious PyPI packages.
Prior to 2 ...)
- TODO: check
+ NOT-FOR-US: GuardDog (different from the src:guarddog once package)
CVE-2026-22870 (GuardDog is a CLI tool to identify malicious PyPI packages.
Prior to 2 ...)
- TODO: check
+ NOT-FOR-US: GuardDog (different from the src:guarddog once package)
CVE-2026-22869 (Eigent is a multi-agent Workforce. A critical security
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Eigent
CVE-2026-22868 (go-ethereum (geth) is a golang execution layer implementation
of the E ...)
TODO: check
CVE-2026-22862 (go-ethereum (geth) is a golang execution layer implementation
of the E ...)
TODO: check
CVE-2026-22861 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-22718 (The VSCode extension for Spring CLI are vulnerable to command
injectio ...)
- TODO: check
+ NOT-FOR-US: VSCode extension
CVE-2026-22686 (Enclave is a secure JavaScript sandbox designed for safe AI
agent code ...)
TODO: check
CVE-2026-21308 (Substance3D - Designer versions 15.0.3 and earlier are
affected by an ...)
@@ -55,13 +55,13 @@ CVE-2026-0635 (The Responsive Accordion Slider plugin for
WordPress is vulnerabl
CVE-2026-0594 (The List Site Contributors plugin for WordPress is vulnerable
to Refle ...)
NOT-FOR-US: WordPress plugin
CVE-2026-0543 (Improper Input Validation (CWE-20) in Kibana's Email Connector
can all ...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2026-0531 (Allocation of Resources Without Limits or Throttling (CWE-770)
in Kiba ...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2026-0530 (Allocation of Resources Without Limits or Throttling (CWE-770)
in Kiba ...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2026-0528 (Improper Validation of Array Index (CWE-129) exists in
Metricbeat can ...)
- TODO: check
+ NOT-FOR-US: Elastic Metricbeat
CVE-2025-68970 (Permission verification bypass vulnerability in the media
library modu ...)
NOT-FOR-US: Huawei
CVE-2025-68969 (Multi-thread race condition vulnerability in the thermal
management mo ...)
@@ -95,11 +95,11 @@ CVE-2025-68956 (Multi-thread race condition vulnerability
in the card framework
CVE-2025-68955 (Multi-thread race condition vulnerability in the card
framework module ...)
NOT-FOR-US: Huawei
CVE-2025-68947 (NSecsoft 'NSecKrnl' is a Windows driver that allows a local,
authentic ...)
- TODO: check
+ NOT-FOR-US: NSecsoft NSecKrnl
CVE-2025-68658 (Open Source Point of Sale (opensourcepos) is a web based point
of sale ...)
- TODO: check
+ NOT-FOR-US: Open Source Point of Sale
CVE-2025-68492 (Chainlit versions prior to 2.8.5 contain an authorization
bypass throu ...)
- TODO: check
+ NOT-FOR-US: Chainlit
CVE-2025-37186 (A local privilege-escalation vulnerability has been discovered
in the ...)
NOT-FOR-US: HPE
CVE-2025-37179 (Multiple out-of-bounds read vulnerabilities were identified in
a syste ...)
@@ -141,7 +141,7 @@ CVE-2025-15283 (The Name Directory plugin for WordPress is
vulnerable to Stored
CVE-2025-15266 (The GeekyBot \u2014 Generate AI Content Without Prompt,
Chatbot and Le ...)
NOT-FOR-US: WordPress plugin
CVE-2025-15056 (A lack of data validation vulnerability in the HTML export
feature in ...)
- TODO: check
+ NOT-FOR-US: Quill
CVE-2025-15021 (The Gotham Block Extra Light plugin for WordPress is
vulnerable to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2025-15020 (The Gotham Block Extra Light plugin for WordPress is
vulnerable to Arb ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44b651252e6e90990c515175d68b3e93e9d6dd93
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44b651252e6e90990c515175d68b3e93e9d6dd93
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
