Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bc0e6050 by Salvatore Bonaccorso at 2026-02-27T09:23:49+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,17 +3,17 @@ CVE-2026-3302 (A weakness has been identified in
SourceCodester Doctor Appointme
CVE-2026-3301 (A security flaw has been discovered in Totolink N300RH
6.1c.1353_B2019 ...)
NOT-FOR-US: TOTOLINK
CVE-2026-3293 (A weakness has been identified in snowflakedb snowflake-jdbc up
to 4.0 ...)
- TODO: check
+ NOT-FOR-US: Snowflake JDBC Driver
CVE-2026-3292 (A security vulnerability has been detected in jizhiCMS up to
2.5.6. Af ...)
- TODO: check
+ NOT-FOR-US: jizhiCMS
CVE-2026-3289 (A weakness has been identified in Sanluan PublicCMS 6.202506.d.
This i ...)
- TODO: check
+ NOT-FOR-US: Sanluan PublicCMS
CVE-2026-3287 (A security flaw has been discovered in youlaitech youlai-mall
2.0.0. T ...)
- TODO: check
+ NOT-FOR-US: youlaitech youlai-mall
CVE-2026-3286 (A vulnerability was identified in itwanger paicoding
1.0.0/1.0.1/1.0.2 ...)
- TODO: check
+ NOT-FOR-US: itwanger paicoding
CVE-2026-3285 (A vulnerability was determined in berry-lang berry up to 1.1.0.
The af ...)
- TODO: check
+ NOT-FOR-US: berry-lang berry
CVE-2026-3284 (A vulnerability was found in libvips 8.19.0. Impacted is the
function ...)
TODO: check
CVE-2026-3283 (A vulnerability has been found in libvips 8.19.0. This issue
affects t ...)
@@ -33,19 +33,19 @@ CVE-2026-3272 (A vulnerability was determined in Tenda F453
1.0.0.3. Affected is
CVE-2026-3271 (A vulnerability was found in Tenda F453 1.0.0.3. This impacts
the func ...)
NOT-FOR-US: Tenda
CVE-2026-3270 (A vulnerability has been found in psi-probe PSI Probe up to
5.3.0. Thi ...)
- TODO: check
+ NOT-FOR-US: psi-probe PSI Probe
CVE-2026-3269 (A flaw has been found in psi-probe PSI Probe up to 5.3.0. The
impacted ...)
- TODO: check
+ NOT-FOR-US: psi-probe PSI Probe
CVE-2026-3268 (A vulnerability was detected in psi-probe PSI Probe up to
5.3.0. The a ...)
- TODO: check
+ NOT-FOR-US: psi-probe PSI Probe
CVE-2026-3265 (A vulnerability was identified in go2ismail Free-CRM up to
b83c40a9072 ...)
- TODO: check
+ NOT-FOR-US: go2ismail Free-CRM
CVE-2026-3264 (A vulnerability was determined in go2ismail Free-CRM up to
b83c40a9072 ...)
- TODO: check
+ NOT-FOR-US: go2ismail Free-CRM
CVE-2026-3263 (A vulnerability was found in go2ismail
Asp.Net-Core-Inventory-Order-Ma ...)
- TODO: check
+ NOT-FOR-US: go2ismail Asp.Net-Core-Inventory-Order-Management-System
CVE-2026-3262 (A vulnerability has been found in go2ismail
Asp.Net-Core-Inventory-Ord ...)
- TODO: check
+ NOT-FOR-US: go2ismail Asp.Net-Core-Inventory-Order-Management-System
CVE-2026-3261 (A flaw has been found in itsourcecode School Management System
1.0. Th ...)
NOT-FOR-US: itsourcecode System
CVE-2026-3037 (An OS command injection vulnerability exists in XWEB Pro
version 1.12. ...)
@@ -57,7 +57,7 @@ CVE-2026-28370 (In the query parser in OpenStack Vitrage
before 12.0.1, 13.0.0,
CVE-2026-28364 (In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer
over-read in Mar ...)
TODO: check
CVE-2026-28363 (In OpenClaw before 2026.2.23, tools.exec.safeBins validation
for sort ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-28280 (osctrl is an osquery management solution. Prior to version
0.5.0, a st ...)
TODO: check
CVE-2026-28279 (osctrl is an osquery management solution. Prior to version
0.5.0, an O ...)
@@ -69,15 +69,15 @@ CVE-2026-28275 (Initiative is a self-hosted project
management platform. Version
CVE-2026-28274 (Initiative is a self-hosted project management platform.
Versions of t ...)
TODO: check
CVE-2026-28269 (Kiteworks is a private data network (PDN). Prior to version
9.2.0, avu ...)
- TODO: check
+ NOT-FOR-US: Kiteworks
CVE-2026-28230 (SteVe is an open-source EV charging station management system.
In vers ...)
- TODO: check
+ NOT-FOR-US: SteVe
CVE-2026-28227 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
NOT-FOR-US: Discourse
CVE-2026-28226 (Phishing Club is a phishing simulation and man-in-the-middle
framework ...)
- TODO: check
+ NOT-FOR-US: Phishing Club
CVE-2026-28225 (Manyfold is an open source, self-hosted web application for
managing a ...)
- TODO: check
+ NOT-FOR-US: Manyfold
CVE-2026-28219 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
NOT-FOR-US: Discourse
CVE-2026-28218 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
@@ -89,7 +89,7 @@ CVE-2026-28216 (hoppscotch is an open source API development
ecosystem. Prior to
CVE-2026-28215 (hoppscotch is an open source API development ecosystem. Prior
to versi ...)
TODO: check
CVE-2026-28213 (EverShop is a TypeScript-first eCommerce platform. Versions
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: EverShop
CVE-2026-28211 (The NVDA Dev & Test Toolbox is an NVDA add-on for gathering
tools to h ...)
TODO: check
CVE-2026-28208 (Junrar is an open source java RAR archive library. Prior to
version 7. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc0e60504bb6d15dc308255b711f945ff8c931cc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc0e60504bb6d15dc308255b711f945ff8c931cc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
