Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ccb81c9b by Salvatore Bonaccorso at 2026-02-09T21:26:19+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2026-2223 (A security vulnerability has been detected in
code-projects Onlin
CVE-2026-25905 (The Python code being run by 'runPython' or 'runPythonAsync'
is not is ...)
TODO: check
CVE-2026-25904 (The Pydantic-AI MCP Run Python tool configures the Deno
sandbox with a ...)
- TODO: check
+ NOT-FOR-US: Pydantic-AI MCP Run Python tool
CVE-2026-25848 (In JetBrains Hub before 2025.3.119807 authentication bypass
allowing a ...)
NOT-FOR-US: JetBrains
CVE-2026-25847 (In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on
Jupyter viewer ...)
@@ -29,39 +29,39 @@ CVE-2026-25847 (In JetBrains PyCharm before 2025.3.2 a
DOM-based XSS on Jupyter
CVE-2026-25846 (In JetBrains YouTrack before 2025.3.119033 access tokens could
be expo ...)
NOT-FOR-US: JetBrains
CVE-2026-25598 (Harden-Runner is a CI/CD security agent that works like an EDR
for Git ...)
- TODO: check
+ NOT-FOR-US: Harden-Runner
CVE-2026-25498 (Craft is a platform for creating digital experiences. In
versions 4.0. ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25497 (Craft is a platform for creating digital experiences. In Craft
version ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25496 (Craft is a platform for creating digital experiences. In Craft
version ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25495 (Craft is a platform for creating digital experiences. In Craft
version ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25494 (Craft is a platform for creating digital experiences. In
Craft versio ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25493 (Craft is a platform for creating digital experiences. In Craft
version ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25492 (Craft CMS is a content management system. In Craft versions
3.5.0 thro ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25491 (Craft is a platform for creating digital experiences. From
5.0.0-RC1 t ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2026-25480 (Litestar is an Asynchronous Server Gateway Interface (ASGI)
framework. ...)
- TODO: check
+ NOT-FOR-US: Litestar
CVE-2026-25479 (Litestar is an Asynchronous Server Gateway Interface (ASGI)
framework. ...)
- TODO: check
+ NOT-FOR-US: Litestar
CVE-2026-25478 (Litestar is an Asynchronous Server Gateway Interface (ASGI)
framework. ...)
- TODO: check
+ NOT-FOR-US: Litestar
CVE-2026-25231 (FileRise is a self-hosted web file manager / WebDAV server.
Versions p ...)
- TODO: check
+ NOT-FOR-US: FileRise
CVE-2026-25230 (FileRise is a self-hosted web file manager / WebDAV server.
Prior to 3 ...)
- TODO: check
+ NOT-FOR-US: FileRise
CVE-2026-25057 (MarkUs is a web application for the submission and grading of
student ...)
- TODO: check
+ NOT-FOR-US: MarkUs
CVE-2026-24900 (MarkUs is a web application for the submission and grading of
student ...)
- TODO: check
+ NOT-FOR-US: MarkUs
CVE-2026-24777 (OpenProject is an open-source, web-based project management
software. ...)
- TODO: check
+ NOT-FOR-US: OpenProject
CVE-2026-24095 (Improper permission enforcement in Checkmk versions 2.4.0
before 2.4.0 ...)
TODO: check
CVE-2026-21419 (Dell Display and Peripheral Manager (Windows) versions prior
to 2.2 co ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb81c9b9b7d6ddbc4430696ed882fefb53d17c4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb81c9b9b7d6ddbc4430696ed882fefb53d17c4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
