Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a7eaf739 by security tracker role at 2026-03-24T20:14:07+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,25 +23,25 @@ CVE-2026-33675 (Vikunja is an open-source self-hosted task
management platform.
CVE-2026-33668 (Vikunja is an open-source self-hosted task management
platform. Starti ...)
TODO: check
CVE-2026-33627 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33624 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33554 (ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer
overflows o ...)
TODO: check
CVE-2026-33539 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33538 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33527 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33511 (pyLoad is a free and open-source download manager written in
Python. F ...)
TODO: check
CVE-2026-33509 (pyLoad is a free and open-source download manager written in
Python. F ...)
TODO: check
CVE-2026-33508 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33498 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33497 (Langflow is a tool for building and deploying AI-powered
agents and wo ...)
TODO: check
CVE-2026-33484 (Langflow is a tool for building and deploying AI-powered
agents and wo ...)
@@ -53,9 +53,9 @@ CVE-2026-33474 (Vikunja is an open-source self-hosted task
management platform.
CVE-2026-33473 (Vikunja is an open-source self-hosted task management
platform. Starti ...)
TODO: check
CVE-2026-33429 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33421 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33419 (MinIO is a high-performance object storage system. Prior to
RELEASE.20 ...)
TODO: check
CVE-2026-33418 (DiceBear is an avatar library for designers and developers.
Prior to v ...)
@@ -63,7 +63,7 @@ CVE-2026-33418 (DiceBear is an avatar library for designers
and developers. Prio
CVE-2026-33417 (Wallos is an open-source, self-hostable personal subscription
tracker. ...)
TODO: check
CVE-2026-33409 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33407 (Wallos is an open-source, self-hostable personal subscription
tracker. ...)
TODO: check
CVE-2026-33401 (Wallos is an open-source, self-hostable personal subscription
tracker. ...)
@@ -99,7 +99,7 @@ CVE-2026-33329 (FileRise is a self-hosted web file manager /
WebDAV server. From
CVE-2026-33326 (Keystone is a content management system for Node.js. Prior to
version ...)
TODO: check
CVE-2026-33323 (Parse Server is an open source backend that can be deployed to
any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-33322 (MinIO is a high-performance object storage system. From
RELEASE.2022-1 ...)
TODO: check
CVE-2026-33316 (Vikunja is an open-source self-hosted task management
platform. Prior ...)
@@ -151,7 +151,7 @@ CVE-2026-2417 (A Missing Authentication for Critical
Function vulnerability in P
CVE-2026-29840 (JiZhiCMS v2.5.6 and before contains a Stored Cross-Site
Scripting (XSS ...)
TODO: check
CVE-2026-29839 (DedeCMS v5.7.118 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2026-29772 (Astro is a web framework. Prior to version 10.0.0, Astro's
Server Isla ...)
TODO: check
CVE-2026-28755 (NGINX Plus and NGINX Open Source have a vulnerability in the
ngx_strea ...)
@@ -179,15 +179,15 @@ CVE-2026-23919 (For performance reasons Zabbix
Server/Proxy reuses JavaScript (D
CVE-2026-22559 (An Improper Input Validation vulnerability in UniFi Network
Server may ...)
TODO: check
CVE-2026-21783 (HCL Traveler is affected by sensitive information disclosure.
The appl ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2026-1995 (IDrive\u2019s id_service.exe process runs with elevated
privileges and ...)
TODO: check
CVE-2025-71275 (Zimbra Collaboration Suite (ZCS) PostJournal service version
8.8.15 co ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-64998 (Exposure of session signing secret in Checkmk <2.4.0p23,
<2.3.0p45 and ...)
TODO: check
CVE-2025-11571 (Vulnerable endpoints accept user-controlled input through a
URL in JSO ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2019-25647 (PhreeBooks ERP 5.2.3 contains a remote code execution
vulnerability in ...)
TODO: check
CVE-2019-25646 (Tabs Mail Carrier 2.5.1 contains a buffer overflow
vulnerability in th ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7eaf73961af9c0cfcccca5a791ac6fee9dfd42a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7eaf73961af9c0cfcccca5a791ac6fee9dfd42a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
