Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cf0b5952 by Salvatore Bonaccorso at 2026-03-08T08:22:47+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22,41 +22,41 @@ CVE-2026-3662 (A vulnerability has been found in Wavlink
WL-NU516U1 240425. This
CVE-2026-3661 (A flaw has been found in Wavlink WL-NU516U1 240425. This
affects the f ...)
NOT-FOR-US: Wavlink
CVE-2026-30863 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-30861 (WeKnora is an LLM-powered framework designed for deep document
underst ...)
- TODO: check
+ NOT-FOR-US: WeKnora
CVE-2026-30860 (WeKnora is an LLM-powered framework designed for deep document
underst ...)
- TODO: check
+ NOT-FOR-US: WeKnora
CVE-2026-30859 (WeKnora is an LLM-powered framework designed for deep document
underst ...)
- TODO: check
+ NOT-FOR-US: WeKnora
CVE-2026-30858 (WeKnora is an LLM-powered framework designed for deep document
underst ...)
- TODO: check
+ NOT-FOR-US: WeKnora
CVE-2026-30857 (WeKnora is an LLM-powered framework designed for deep document
underst ...)
- TODO: check
+ NOT-FOR-US: WeKnora
CVE-2026-30856 (WeKnora is an LLM-powered framework designed for deep document
underst ...)
- TODO: check
+ NOT-FOR-US: WeKnora
CVE-2026-30855 (WeKnora is an LLM-powered framework designed for deep document
underst ...)
- TODO: check
+ NOT-FOR-US: WeKnora
CVE-2026-30854 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-30852 (Caddy is an extensible server platform that uses TLS by
default. From ...)
TODO: check
CVE-2026-30851 (Caddy is an extensible server platform that uses TLS by
default. From ...)
TODO: check
CVE-2026-30850 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-30848 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-30838 (league/commonmark is a PHP Markdown parser. Prior to version
2.8.1, th ...)
TODO: check
CVE-2026-30834 (PinchTab is a standalone HTTP server that gives AI agents
direct contr ...)
- TODO: check
+ NOT-FOR-US: PinchTab
CVE-2026-30832 (Soft Serve is a self-hostable Git server for the command line.
From ve ...)
- TODO: check
+ NOT-FOR-US: Soft Serve
CVE-2026-2671 (A vulnerability was detected in Mendi Neurofeedback Headset V4.
Affect ...)
TODO: check
CVE-2026-29787 (mcp-memory-service is an open-source memory backend for
multi-agent sy ...)
- TODO: check
+ NOT-FOR-US: mcp-memory-service
CVE-2026-29786 (node-tar is a full-featured Tar for Node.js. Prior to version
7.5.10, ...)
- node-tar <unfixed>
NOTE:
https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96
@@ -68,37 +68,37 @@ CVE-2026-29781 (Sliver is a command and control framework
that uses a custom Wir
CVE-2026-29780 (eml_parser serves as a python module for parsing eml files and
returni ...)
TODO: check
CVE-2026-29779 (UptimeFlare is a serverless uptime monitoring & status page
solution, ...)
- TODO: check
+ NOT-FOR-US: UptimeFlare
CVE-2026-29778 (pyLoad is a free and open-source download manager written in
Python. F ...)
TODO: check
CVE-2026-29771 (Netmaker makes networks with WireGuard. Prior to version
1.2.0, the /a ...)
- TODO: check
+ NOT-FOR-US: Netmaker
CVE-2026-29196 (Netmaker makes networks with WireGuard. Prior to version
1.5.0, a user ...)
- TODO: check
+ NOT-FOR-US: Netmaker
CVE-2026-29195 (Netmaker makes networks with WireGuard. Prior to version
1.5.0, the us ...)
- TODO: check
+ NOT-FOR-US: Netmaker
CVE-2026-29194 (Netmaker makes networks with WireGuard. Prior to version
1.5.0, the Au ...)
- TODO: check
+ NOT-FOR-US: Netmaker
CVE-2026-29193 (ZITADEL is an open source identity management platform. From
version 4 ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2026-29192 (ZITADEL is an open source identity management platform. From
version 4 ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2026-29191 (ZITADEL is an open source identity management platform. From
version 4 ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2026-29190 (Karapace is an open-source implementation of Kafka REST and
Schema Reg ...)
- TODO: check
+ NOT-FOR-US: Karapace
CVE-2026-29186 (Backstage is an open framework for building developer portals.
Prior t ...)
- TODO: check
+ NOT-FOR-US: Backstage
CVE-2026-29185 (Backstage is an open framework for building developer portals.
Prior t ...)
- TODO: check
+ NOT-FOR-US: Backstage
CVE-2026-29184 (Backstage is an open framework for building developer portals.
Prior t ...)
- TODO: check
+ NOT-FOR-US: Backstage
CVE-2026-29076 (cpp-httplib is a C++11 single-file header-only cross platform
HTTP/HTT ...)
TODO: check
CVE-2026-29067 (ZITADEL is an open source identity management platform. From
version 4 ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2026-28678 (DSA Study Hub is an interactive educational web application.
Prior to ...)
- TODO: check
+ NOT-FOR-US: DSA Study Hub
CVE-2026-24308 (Improper handling of configuration values in ZKConfig in
Apache ZooKee ...)
TODO: check
CVE-2026-24281 (Hostname verification in Apache ZooKeeper ZKTrustManager falls
back to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf0b5952882e885e1f615f89a0c86134fb41e735
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf0b5952882e885e1f615f89a0c86134fb41e735
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
