Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c3549928 by Salvatore Bonaccorso at 2026-01-30T21:44:58+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4,13 +4,13 @@ CVE-2026-25128 (fast-xml-parser allows users to validate XML,
parse XML to JS ob
NOTE: Fixed by:
https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc
(v5.3.4)
NOTE: node-webfont provides node-fast-xml-parser
CVE-2026-25050 (Vendure is an open-source headless commerce platform. Prior to
version ...)
- TODO: check
+ NOT-FOR-US: Vendure
CVE-2026-24855 (ChurchCRM is an open-source church management system. Versions
prior t ...)
NOT-FOR-US: ChurchCRM
CVE-2026-24854 (ChurchCRM is an open-source church management system. A SQL
Injection ...)
NOT-FOR-US: ChurchCRM
CVE-2026-23835 (LobeHub is an open source human-and-AI-agent network. Prior to
version ...)
- TODO: check
+ NOT-FOR-US: LobeHub
CVE-2026-22626 (Due to insufficient input parameter validation on the
interface, authe ...)
NOT-FOR-US: Hikvision
CVE-2026-22625 (Improper handling of filenames in certain HIKSEMI NAS products
may lea ...)
@@ -28,11 +28,11 @@ CVE-2026-1702 (A vulnerability was detected in
SourceCodester Pet Grooming Manag
CVE-2026-1701 (A security vulnerability has been detected in itsourcecode
Student Man ...)
NOT-FOR-US: itsourcecode System
CVE-2026-1700 (A weakness has been identified in projectworlds House Rental
and Prope ...)
- TODO: check
+ NOT-FOR-US: projectworlds House Rental and Property Listing
CVE-2026-1699 (In the Eclipse Theia Website repository, the GitHub Actions
workflow . ...)
TODO: check
CVE-2026-1691 (A vulnerability has been found in bolo-solo up to 2.6.4. This
impacts ...)
- TODO: check
+ NOT-FOR-US: bolo-solo
CVE-2026-1690 (A flaw has been found in Tenda HG10
US_HG7_HG9_HG10re_300001138_en_xpo ...)
NOT-FOR-US: Tenda
CVE-2026-1689 (A vulnerability was detected in Tenda HG10
US_HG7_HG9_HG10re_300001138 ...)
@@ -46,11 +46,11 @@ CVE-2026-1686 (A security flaw has been discovered in
Totolink A3600R 5.9c.4959.
CVE-2026-1685 (A vulnerability was identified in D-Link DIR-823X 250416. This
vulnera ...)
NOT-FOR-US: D-Link
CVE-2026-1684 (A vulnerability was found in Free5GC SMF up to 4.1.0. Affected
by this ...)
- TODO: check
+ NOT-FOR-US: Free5GC
CVE-2026-1683 (A vulnerability has been found in Free5GC SMF up to 4.1.0.
Affected by ...)
- TODO: check
+ NOT-FOR-US: Free5GC
CVE-2026-1682 (A flaw has been found in Free5GC SMF up to 4.1.0. Affected is
the func ...)
- TODO: check
+ NOT-FOR-US: Free5GC
CVE-2026-1498 (An LDAP Injection vulnerability in WatchGuard Fireware OS may
allow a ...)
NOT-FOR-US: WatchGuard
CVE-2026-0709 (Some Hikvision Wireless Access Points are vulnerable to
authenticated ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3549928473a54ebd9f58abeda13293558019ced
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3549928473a54ebd9f58abeda13293558019ced
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
