Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
824f860d by Salvatore Bonaccorso at 2026-02-10T09:38:54+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
CVE-2026-2260 (A vulnerability was found in D-Link DCS-931L up to 1.13.0. This
affect ...)
NOT-FOR-US: D-Link
CVE-2026-2259 (A vulnerability has been found in aardappel lobster up to
2025.4. Affe ...)
- TODO: check
+ NOT-FOR-US: aardappel lobster
CVE-2026-2258 (A flaw has been found in aardappel lobster up to 2025.4.
Affected by t ...)
- TODO: check
+ NOT-FOR-US: aardappel lobster
CVE-2026-2099 (AgentFlow developed by Flowring has a Stored Cross-Site
Scripting vuln ...)
- TODO: check
+ NOT-FOR-US: AgentFlow
CVE-2026-2098 (AgentFlow developed by Flowring has a Reflected Cross-site
Scripting v ...)
- TODO: check
+ NOT-FOR-US: AgentFlow
CVE-2026-2097 (Agentflow developed by Flowring has an Arbitrary File Upload
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: AgentFlow
CVE-2026-2096 (Agentflow developed by Flowring has a Missing Authentication
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: AgentFlow
CVE-2026-2095 (Agentflow developed by Flowring has an Authentication Bypass
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: AgentFlow
CVE-2026-2094 (Docpedia developed by Flowring has a SQL Injection
vulnerability, allo ...)
- TODO: check
+ NOT-FOR-US: Docpedia
CVE-2026-2093 (Docpedia developed by Flowring has a SQL Injection
vulnerability, allo ...)
- TODO: check
+ NOT-FOR-US: Docpedia
CVE-2026-25981
REJECTED
CVE-2026-25980
@@ -39,9 +39,9 @@ CVE-2026-25973
CVE-2026-25961 (SumatraPDF is a multi-format reader for Windows. In 3.5.0
through 3.5. ...)
NOT-FOR-US: SumatraPDF
CVE-2026-25958 (Cube is a semantic layer for building data applications. From
0.27.19 ...)
- TODO: check
+ NOT-FOR-US: Cube
CVE-2026-25957 (Cube is a semantic layer for building data applications. From
1.1.17 t ...)
- TODO: check
+ NOT-FOR-US: Cube
CVE-2026-25951 (FUXA is a web-based Process Visualization
(SCADA/HMI/Dashboard) softwa ...)
NOT-FOR-US: FUXA
CVE-2026-25939 (FUXA is a web-based Process Visualization
(SCADA/HMI/Dashboard) softwa ...)
@@ -61,49 +61,49 @@ CVE-2026-25920 (SumatraPDF is a multi-format reader for
Windows. In 3.5.2 and ea
CVE-2026-25918 (unity-cli is a command line utility for the Unity Game Engine.
Prior t ...)
TODO: check
CVE-2026-25895 (FUXA is a web-based Process Visualization
(SCADA/HMI/Dashboard) softwa ...)
- TODO: check
+ NOT-FOR-US: FUXA
CVE-2026-25894 (FUXA is a web-based Process Visualization
(SCADA/HMI/Dashboard) softwa ...)
- TODO: check
+ NOT-FOR-US: FUXA
CVE-2026-25893 (FUXA is a web-based Process Visualization
(SCADA/HMI/Dashboard) softwa ...)
- TODO: check
+ NOT-FOR-US: FUXA
CVE-2026-25892 (Adminer is open-source database management software. Adminer
v5.4.1 an ...)
TODO: check
CVE-2026-25890 (File Browser provides a file managing interface within a
specified dir ...)
- TODO: check
+ NOT-FOR-US: File Browser
CVE-2026-25889 (File Browser provides a file managing interface within a
specified dir ...)
- TODO: check
+ NOT-FOR-US: File Browser
CVE-2026-25885 (PolarLearn is a free and open-source learning program. In
0-PRERELEASE ...)
- TODO: check
+ NOT-FOR-US: PolarLearn
CVE-2026-25881 (SandboxJS is a JavaScript sandboxing library. Prior to 0.8.31,
a sandb ...)
- TODO: check
+ NOT-FOR-US: SandboxJS Node module
CVE-2026-25880 (SumatraPDF is a multi-format reader for Windows. In 3.5.2 and
earlier, ...)
- TODO: check
+ NOT-FOR-US: SumatraPDF
CVE-2026-25878 (FroshAdminer is the Adminer plugin for Shopware Platform.
Prior to 2.2 ...)
- TODO: check
+ NOT-FOR-US: FroshAdminer
CVE-2026-25876 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25875 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25814 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25813 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25812 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25811 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25810 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25809 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25808 (Hollo is a federated single-user microblogging software
designed to be ...)
- TODO: check
+ NOT-FOR-US: Hollo
CVE-2026-25807 (ZAI Shell is an autonomous SysOps agent designed to navigate,
repair, ...)
- TODO: check
+ NOT-FOR-US: ZAI Shell
CVE-2026-25806 (PlaciPy is a placement management system designed for
educational inst ...)
- TODO: check
+ NOT-FOR-US: PlaciPy
CVE-2026-25791 (Sliver is a command and control framework that uses a custom
Wireguard ...)
- TODO: check
+ NOT-FOR-US: Sliver
CVE-2026-25765 (Faraday is an HTTP client library abstraction layer that
provides a co ...)
TODO: check
CVE-2026-25761 (Super-linter is a combination of multiple linters to run as a
GitHub A ...)
@@ -113,7 +113,7 @@ CVE-2026-25740 (captive browser, a dedicated Chrome
instance to log into captive
CVE-2026-25639 (Axios is a promise based HTTP client for the browser and
Node.js. Prio ...)
TODO: check
CVE-2026-25528 (LangSmith Client SDKs provide SDK's for interacting with the
LangSmith ...)
- TODO: check
+ NOT-FOR-US: LangSmith Client SDK
CVE-2026-24328 (SAP TAF_APPLAUNCHER within Business Server Pages allows
unauthenticate ...)
NOT-FOR-US: SAP
CVE-2026-24327 (Due to missing authorization check in SAP Strategic Enterprise
Managem ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/824f860d04e09e942da4468ed1dcd9a8d49006cd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/824f860d04e09e942da4468ed1dcd9a8d49006cd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
