Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b412efa7 by Moritz Muehlenhoff at 2026-02-10T17:54:20+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60,7 +60,7 @@ CVE-2026-25923 (my little forum is a PHP and MySQL based
internet forum that dis
CVE-2026-25920 (SumatraPDF is a multi-format reader for Windows. In 3.5.2 and
earlier, ...)
NOT-FOR-US: SumatraPDF
CVE-2026-25918 (unity-cli is a command line utility for the Unity Game Engine.
Prior t ...)
- TODO: check
+ NOT-FOR-US: unity-cli
CVE-2026-25895 (FUXA is a web-based Process Visualization
(SCADA/HMI/Dashboard) softwa ...)
NOT-FOR-US: FUXA
CVE-2026-25894 (FUXA is a web-based Process Visualization
(SCADA/HMI/Dashboard) softwa ...)
@@ -108,9 +108,9 @@ CVE-2026-25791 (Sliver is a command and control framework
that uses a custom Wir
CVE-2026-25765 (Faraday is an HTTP client library abstraction layer that
provides a co ...)
TODO: check
CVE-2026-25761 (Super-linter is a combination of multiple linters to run as a
GitHub A ...)
- TODO: check
+ NOT-FOR-US: super-linter
CVE-2026-25740 (captive browser, a dedicated Chrome instance to log into
captive porta ...)
- TODO: check
+ NOT-FOR-US: captive browser
CVE-2026-25639 (Axios is a promise based HTTP client for the browser and
Node.js. Prio ...)
TODO: check
CVE-2026-25528 (LangSmith Client SDKs provide SDK's for interacting with the
LangSmith ...)
@@ -239,7 +239,7 @@ CVE-2026-2224 (A vulnerability was detected in
code-projects Online Reviewer Sys
CVE-2026-2223 (A security vulnerability has been detected in code-projects
Online Rev ...)
NOT-FOR-US: code-projects
CVE-2026-25905 (The Python code being run by 'runPython' or 'runPythonAsync'
is not is ...)
- TODO: check
+ NOT-FOR-US: mcp-run-python
CVE-2026-25904 (The Pydantic-AI MCP Run Python tool configures the Deno
sandbox with a ...)
NOT-FOR-US: Pydantic-AI MCP Run Python tool
CVE-2026-25848 (In JetBrains Hub before 2025.3.119807 authentication bypass
allowing a ...)
@@ -310,7 +310,7 @@ CVE-2025-7432 (DPA countermeasures in Silicon Labs' Series
2 devices are not res
CVE-2025-6830 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Xpoda Studio
CVE-2025-66630 (Fiber is an Express inspired web framework written in Go.
Before 2.52. ...)
- TODO: check
+ NOT-FOR-US: gofiber
CVE-2025-63354 (Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental
Control ...)
NOT-FOR-US: Hitron HI3120
CVE-2026-1584
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b412efa74ac06cc0f79786192cb37ed94452a8a5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b412efa74ac06cc0f79786192cb37ed94452a8a5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
