Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
288da72e by Salvatore Bonaccorso at 2026-01-27T10:46:27+01:00
Process two NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2026-24686 (go-tuf is a Go implementation of The Update
Framework (TUF). go-
CVE-2026-24490 (MobSF is a mobile application security testing tool used.
Prior to ver ...)
NOT-FOR-US: Mobile Security Framework (MobSF)
CVE-2026-24489 (Gakido is a Python HTTP client focused on browser
impersonation and an ...)
- TODO: check
+ NOT-FOR-US: Gakido
CVE-2026-24486 (Python-Multipart is a streaming multipart parser for Python.
Prior to ...)
- python-multipart <unfixed>
NOTE:
https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg
@@ -73,7 +73,7 @@ CVE-2025-59472 (A denial of service vulnerability exists in
Next.js versions wit
CVE-2025-59471 (A denial of service vulnerability exists in self-hosted
Next.js applic ...)
NOT-FOR-US: Next.js
CVE-2025-30248 (DLL hijacking in the WD Discovery Installer in Western Digital
WD Disc ...)
- TODO: check
+ NOT-FOR-US: Western Digital WD Discovery
CVE-2025-14971 (The Link Invoice Payment for WooCommerce plugin for WordPress
is vulne ...)
NOT-FOR-US: WordPress plugin
CVE-2026-24440 (Shenzhen Tenda W30E V2 firmware versions up to and including
V16.01.0. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/288da72e28ea07a0bf79cf15cfd3bb95762ad11a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/288da72e28ea07a0bf79cf15cfd3bb95762ad11a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
