Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
99a55288 by Salvatore Bonaccorso at 2026-04-01T22:50:57+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2026-5261 (A vulnerability was identified in Shandong
Hoteam InforCenter PLM
CVE-2026-5259 (A vulnerability was determined in AutohomeCorp frostmourne up
to 1.0. ...)
NOT-FOR-US: AutohomeCorp frostmourne
CVE-2026-5199 (A writer role user in an attacker-controlled namespace could
signal, d ...)
- TODO: check
+ NOT-FOR-US: Temporal
CVE-2026-5175 (Improper access control in the multi-factor authentication
(MFA) manag ...)
NOT-FOR-US: Devolutions
CVE-2026-4989 (Improper input validation in the gateway health check feature
in Devol ...)
@@ -37,9 +37,9 @@ CVE-2026-35092 (A flaw was found in Corosync. An integer
overflow vulnerability
CVE-2026-35091 (A flaw was found in Corosync. A remote unauthenticated
attacker can ex ...)
TODO: check
CVE-2026-35000 (ChangeDetection.io versions prior to 0.54.7 contain a
protection bypas ...)
- TODO: check
+ NOT-FOR-US: ChangeDetection.io
CVE-2026-34999 (OpenViking versions 0.2.5 prior to 0.2.14 contain a missing
authentica ...)
- TODO: check
+ NOT-FOR-US: OpenViking
CVE-2026-34889 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-34875 (An issue was discovered in Mbed TLS through 3.6.5 and
TF-PSA-Crypto 1. ...)
@@ -49,11 +49,11 @@ CVE-2026-34874 (An issue was discovered in Mbed TLS through
3.6.5 and 4.x throug
CVE-2026-34871 (An issue was discovered in Mbed TLS before 3.6.6 and 4.x
before 4.1.0 ...)
TODO: check
CVE-2026-34751 (Payload is a free and open source headless content management
system. ...)
- TODO: check
+ NOT-FOR-US: Payload CMS
CVE-2026-34604 (Tina is a headless content management system. Prior to version
2.2.2, ...)
- TODO: check
+ NOT-FOR-US: Tina CMS
CVE-2026-34603 (Tina is a headless content management system. Prior to version
2.2.2, ...)
- TODO: check
+ NOT-FOR-US: Tina CMS
CVE-2026-34510 (OpenClaw before 2026.3.22 contains a path traversal
vulnerability in W ...)
NOT-FOR-US: OpenClaw
CVE-2026-34447 (Open Neural Network Exchange (ONNX) is an open standard for
machine le ...)
@@ -65,13 +65,13 @@ CVE-2026-34445 (Open Neural Network Exchange (ONNX) is an
open standard for mach
CVE-2026-34430 (ByteDance Deer-Flow versions prior to commit 92c7a20 containa
sandbox ...)
TODO: check
CVE-2026-34397 (Himmelblau is an interoperability suite for Microsoft Azure
Entra ID a ...)
- TODO: check
+ NOT-FOR-US: Himmelblau
CVE-2026-34376 (PdfDing is a selfhosted PDF manager, viewer and editor
offering a seam ...)
- TODO: check
+ NOT-FOR-US: PdfDing
CVE-2026-34236 (Auth0-PHP is a PHP SDK for Auth0 Authentication and Management
APIs. F ...)
TODO: check
CVE-2026-34222 (Open WebUI is a self-hosted artificial intelligence platform
designed ...)
- TODO: check
+ NOT-FOR-US: Open WebUI
CVE-2026-34159 (llama.cpp is an inference of several LLM models in C/C++.
Prior to ver ...)
TODO: check
CVE-2026-34076 (Clerk JavaScript is the official JavaScript repository for
Clerk authe ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99a552880b1e7a732c5a3f1f30e886ca2a3f7397
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99a552880b1e7a732c5a3f1f30e886ca2a3f7397
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
