Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b0680ccb by Moritz Muehlenhoff at 2026-01-20T12:50:53+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -172,9 +172,9 @@ CVE-2026-22037 (The @fastify/express plugin adds full
Express compatibility to F
CVE-2026-22031 (@fastify/middie is the plugin that adds middleware support on
steroids ...)
NOT-FOR-US: fastify/middie
CVE-2026-21696 (Wings is the server control plane for Pterodactyl, a free,
open-source ...)
- TODO: check
+ NOT-FOR-US: Wings
CVE-2026-21618 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: hexpm
CVE-2026-1181 (A stored cross-site scripting (XSS) vulnerability exists in the
Altium ...)
NOT-FOR-US: Altium
CVE-2026-1174 (A vulnerability was determined in birkir prime up to
0.4.0.beta.0. Thi ...)
@@ -230,13 +230,13 @@ CVE-2026-1007 (Incorrect Authorization vulnerability in
virtual gateway componen
CVE-2026-0610 (SQL Injection vulnerability in remote-sessions in Devolutions
Server.T ...)
NOT-FOR-US: Devolutions
CVE-2025-69199 (Wings is the server control plane for Pterodactyl, a free,
open-source ...)
- TODO: check
+ NOT-FOR-US: Wings
CVE-2025-69198 (Pterodactyl is a free, open-source game server management
panel. Ptero ...)
- TODO: check
+ NOT-FOR-US: Pterodactyl
CVE-2025-68616 (WeasyPrint helps web developers to create PDF documents. Prior
to vers ...)
- TODO: check
+ NOT-FOR-US: WeasyPrint
CVE-2025-61684 (Quicly, an IETF QUIC protocol implementation, is susceptible
to a deni ...)
- TODO: check
+ NOT-FOR-US: Quicly
CVE-2025-55252 (HCL AION version 2 is affected by a Weak Password Policy
vulnerability ...)
NOT-FOR-US: HCL
CVE-2025-55251 (HCL AION is affected by an Unrestricted File Upload
vulnerability. Thi ...)
@@ -343,7 +343,7 @@ CVE-2026-1130 (A flaw has been found in Yonyou KSOA 9.0.
This issue affects some
CVE-2026-1129 (A vulnerability was detected in Yonyou KSOA 9.0. This
vulnerability af ...)
NOT-FOR-US: Yonyou KSOA
CVE-2025-15539 (A vulnerability was determined in Open5GS up to 2.7.6.
Impacted is the ...)
- TODO: check
+ - open5gs <itp> (bug #1094791)
CVE-2025-15538 (A security vulnerability has been detected in Open Asset
Import Librar ...)
TODO: check
CVE-2026-0943 (HarfBuzz::Shaper versions before 0.032 for Perl contains a
bundled lib ...)
@@ -352,7 +352,7 @@ CVE-2026-0943 (HarfBuzz::Shaper versions before 0.032 for
Perl contains a bundle
NOTE: upload to the archive.
NOTE: https://lists.security.metacpan.org/cve-announce/msg/36208377/
CVE-2026-1126 (A security vulnerability has been detected in lwj flow up to
a3d2fe813 ...)
- TODO: check
+ NOT-FOR-US: lwj flow
CVE-2026-1125 (A weakness has been identified in D-Link DIR-823X 250416.
Affected by ...)
NOT-FOR-US: D-Link
CVE-2026-1124 (A security flaw has been discovered in Yonyou KSOA 9.0.
Affected by th ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0680ccb67dc9b0672c5ca1610a89536f1418d75
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0680ccb67dc9b0672c5ca1610a89536f1418d75
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
