Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c97a764f by Salvatore Bonaccorso at 2026-04-07T09:45:01+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,9 +29,9 @@ CVE-2026-5684 (A vulnerability was determined in Tenda CX12L
16.03.53.12. Affect
CVE-2026-5683 (A vulnerability was found in Tenda CX12L 16.03.53.12. Affected
by this ...)
NOT-FOR-US: Tenda
CVE-2026-5682 (A vulnerability has been found in Meesho Online Shopping App up
to 27. ...)
- TODO: check
+ NOT-FOR-US: Meesho Online Shopping App
CVE-2026-5681 (A flaw has been found in itsourcecode sanitize or validate this
input ...)
- TODO: check
+ NOT-FOR-US: itsourcecode
CVE-2026-5679 (A security vulnerability has been detected in Totolink A3300R
17.0.0cu ...)
NOT-FOR-US: TOTOLINK
CVE-2026-5465 (The Booking for Appointments and Events Calendar \u2013 Amelia
plugin ...)
@@ -47,19 +47,19 @@ CVE-2026-35473 (WeGIA is a Web manager for charitable
institutions. Prior to 3.6
CVE-2026-35472 (WeGIA is a Web manager for charitable institutions. Prior to
3.6.9, an ...)
NOT-FOR-US: WeGIA
CVE-2026-35471 (goshs is a SimpleHTTPServer written in Go. Prior to
2.0.0-beta.3, tdel ...)
- TODO: check
+ NOT-FOR-US: goshs
CVE-2026-35459 (pyLoad is a free and open-source download manager written in
Python. I ...)
TODO: check
CVE-2026-35454 (The Code Extension Marketplace is an open-source alternative
to the VS ...)
TODO: check
CVE-2026-35452 (WWBN AVideo is an open source video platform. In versions 26.0
and pri ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-35450 (WWBN AVideo is an open source video platform. In versions 26.0
and pri ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-35449 (WWBN AVideo is an open source video platform. In versions 26.0
and pri ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-35448 (WWBN AVideo is an open source video platform. In versions 26.0
and pri ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-35444 (SDL_image is a library to load images of various formats as
SDL surfac ...)
TODO: check
CVE-2026-35442 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
@@ -79,7 +79,7 @@ CVE-2026-35409 (Directus is a real-time API and App dashboard
for managing SQL d
CVE-2026-35408 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2026-35404 (Open edX Platform enables the authoring and delivery of online
learnin ...)
- TODO: check
+ NOT-FOR-US: Open edX Platform
CVE-2026-35399 (WeGIA is a Web manager for charitable institutions. Prior to
3.6.9, a ...)
NOT-FOR-US: WeGIA
CVE-2026-35398 (WeGIA is a Web manager for charitable institutions. Prior to
3.6.9, an ...)
@@ -89,17 +89,17 @@ CVE-2026-35396 (WeGIA is a Web manager for charitable
institutions. Prior to 3.6
CVE-2026-35395 (WeGIA is a Web manager for charitable institutions. Prior to
3.6.9, We ...)
NOT-FOR-US: WeGIA
CVE-2026-35394 (Mobile Next is an MCP server for mobile development and
automation. Pr ...)
- TODO: check
+ NOT-FOR-US: Mobile Next
CVE-2026-35393 (goshs is a SimpleHTTPServer written in Go. Prior to
2.0.0-beta.3, the ...)
- TODO: check
+ NOT-FOR-US: goshs
CVE-2026-35392 (goshs is a SimpleHTTPServer written in Go. Prior to
2.0.0-beta.3, PUT ...)
- TODO: check
+ NOT-FOR-US: goshs
CVE-2026-35391 (Bulwark Webmail is a self-hosted webmail client for Stalwart
Mail Serv ...)
- TODO: check
+ NOT-FOR-US: Bulwark Webmail
CVE-2026-35390 (Bulwark Webmail is a self-hosted webmail client for Stalwart
Mail Serv ...)
- TODO: check
+ NOT-FOR-US: Bulwark Webmail
CVE-2026-35389 (Bulwark Webmail is a self-hosted webmail client for Stalwart
Mail Serv ...)
- TODO: check
+ NOT-FOR-US: Bulwark Webmail
CVE-2026-35213 (@hapi/content provided HTTP Content-* headers parsing. All
versions of ...)
TODO: check
CVE-2026-35208 (lichess.org is the forever free, adless and open source chess
server. ...)
@@ -117,19 +117,19 @@ CVE-2026-35197 (dye is a portable and respectful color
library for shell scripts
CVE-2026-35187 (pyLoad is a free and open-source download manager written in
Python. I ...)
TODO: check
CVE-2026-35185 (HAX CMS helps manage microsite universe with PHP or NodeJs
backends. P ...)
- TODO: check
+ NOT-FOR-US: HAX CMS
CVE-2026-35184 (EcclesiaCRM is CRM Software for church management. Prior to
8.0.0, the ...)
- TODO: check
+ NOT-FOR-US: EcclesiaCRM
CVE-2026-35183 (Brave CMS is an open-source CMS. Prior to 2.0.6, an Insecure
Direct Ob ...)
- TODO: check
+ NOT-FOR-US: Brave CMS
CVE-2026-35182 (Brave CMS is an open-source CMS. Prior to 2.0.6, this
vulnerability is ...)
- TODO: check
+ NOT-FOR-US: Brave CMS
CVE-2026-35181 (WWBN AVideo is an open source video platform. In versions 26.0
and pri ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-35180 (WWBN AVideo is an open source video platform. In versions 26.0
and pri ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-35179 (WWBN AVideo is an open source video platform. In versions 26.0
and pri ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-35178 (Workbench is a suite of tools for administrators and
developers to int ...)
TODO: check
CVE-2026-35176 (openFPGALoader is a utility for programming FPGAs. In 1.1.1
and earlie ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c97a764f573a6a98bffa17dda8231dbfff242d39
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c97a764f573a6a98bffa17dda8231dbfff242d39
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
