Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
28e2baa5 by Moritz Muehlenhoff at 2026-02-13T10:18:02+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,43 +17,43 @@ CVE-2026-26250
CVE-2026-26249
REJECTED
CVE-2026-26225 (Intego Personal Backup, a macOS backup utility that allows
users to cr ...)
- TODO: check
+ NOT-FOR-US: Intego
CVE-2026-26224 (Intego Log Reporter, a macOS diagnostic utility bundled with
Intego se ...)
- TODO: check
+ NOT-FOR-US: Intego
CVE-2026-26188 (Solspace Freeform plugin for Craft CMS 5.x is a super flexible
form-bu ...)
- TODO: check
+ NOT-FOR-US: Craft CMS plugin
CVE-2026-26185 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2026-26076 (ntpd-rs is a full-featured implementation of the Network Time
Protocol ...)
TODO: check
CVE-2026-26075 (FastGPT is an AI Agent building platform. Due to the fact that
FastGPT ...)
- TODO: check
+ NOT-FOR-US: FastGPT
CVE-2026-26069 (Scraparr is a Prometheus Exporter for various components of
the *arr S ...)
- TODO: check
+ NOT-FOR-US: Scraparr
CVE-2026-26068 (emp3r0r is a stealth-focused C2 designed by Linux users for
Linux envi ...)
- TODO: check
+ NOT-FOR-US: emp3r0r
CVE-2026-26056 (Yoke is a Helm-inspired infrastructure-as-code (IaC) package
deployer. ...)
- TODO: check
+ NOT-FOR-US: Yoke
CVE-2026-26055 (Yoke is a Helm-inspired infrastructure-as-code (IaC) package
deployer. ...)
- TODO: check
+ NOT-FOR-US: Yoke
CVE-2026-26020 (AutoGPT is a platform that allows users to create, deploy, and
manage ...)
- TODO: check
+ NOT-FOR-US: AutoGPT
CVE-2026-26011 (navigation2 is a ROS 2 Navigation Framework and System. In
1.3.11 and ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2026-26005 (ClipBucket v5 is an open source video sharing platform. Prior
to 5.5.3 ...)
- TODO: check
+ NOT-FOR-US: ClipBucket
CVE-2026-26000 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
NOT-FOR-US: XWiki
CVE-2026-25996 (Inspektor Gadget is a set of tools and framework for data
collection a ...)
- TODO: check
+ NOT-FOR-US: Inspektor Gadget
CVE-2026-25828 (grub-btrfs through 2026-01-31 (on Arch Linux and derivative
distributi ...)
- TODO: check
+ NOT-FOR-US: grub-btrfs
CVE-2026-25108 (FileZen contains an OS command injection vulnerability. When
FileZen A ...)
- TODO: check
+ NOT-FOR-US: FileZen
CVE-2026-1721 (Summary A Reflected Cross-Site Scripting (XSS) vulnerability
was disc ...)
- TODO: check
+ NOT-FOR-US: AI Playground
CVE-2026-1358 (Airleader Master versions 6.381 and prior allow for file
uploads witho ...)
- TODO: check
+ NOT-FOR-US: Airleader Master
CVE-2026-0619 (A reachable infinite loop via an integer wraparound is present
in Sili ...)
NOT-FOR-US: Silicon Labs
CVE-2025-9293 (A vulnerability in the certificate validation logic may allow
applicat ...)
@@ -61,7 +61,7 @@ CVE-2025-9293 (A vulnerability in the certificate validation
logic may allow app
CVE-2025-9292 (A permissive web security configuration may allow cross-origin
restric ...)
TODO: check
CVE-2025-70845 (lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting
(XSS) exist ...)
- TODO: check
+ NOT-FOR-US: lty628 aidigu
CVE-2025-70092 (A cross-site scripting (XSS) vulnerability in the Item Kits
function o ...)
TODO: check
CVE-2025-48023 (A vulnerability has been found in Vnet/IP Interface Package
provided b ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28e2baa5f3afda77614c5a6be86a6d23484f7231
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28e2baa5f3afda77614c5a6be86a6d23484f7231
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
