Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
41a60c59 by security tracker role at 2026-05-09T07:13:59+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2026-8207 (Gibbon versions beforev30.0.01 are affected by
an authenticated S
CVE-2026-7807 (SmarterTools SmarterMail builds prior to 9560 contain a local
file inc ...)
TODO: check
CVE-2026-7652 (The LatePoint plugin for WordPress is vulnerable to Account
Takeover v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6667 (PgBouncer before 1.25.2 did not perform an appropriate
authorization c ...)
TODO: check
CVE-2026-6666 (A possible null pointer reference in PgBouncer before 1.25.2
could lea ...)
@@ -25,7 +25,7 @@ CVE-2026-44694 (n8n-MCP is an MCP server that provides AI
assistants access to n
CVE-2026-44656 (Vim is an open source, command line text editor. Prior to
version 9.2. ...)
TODO: check
CVE-2026-44400 (MailEnable Enterprise Premium 10.55 and earlier contains an
improper a ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2026-44313 (Linkwarden is a self-hosted, open-source collaborative
bookmark manage ...)
TODO: check
CVE-2026-44286 (FastGPT is an AI Agent building platform. Prior to version
4.14.17, an ...)
@@ -95,9 +95,9 @@ CVE-2026-42294 (Argo Workflows is an open source
container-native workflow engin
CVE-2026-42291 (SysReptor is a fully customizable pentest reporting platform.
From ver ...)
TODO: check
CVE-2026-42287 (Emlog is an open source website building system. Prior to
version 2.6. ...)
- TODO: check
+ NOT-FOR-US: Emlog
CVE-2026-42286 (Emlog is an open source website building system. Prior to
version 2.6. ...)
- TODO: check
+ NOT-FOR-US: Emlog
CVE-2026-42282 (n8n-MCP is an MCP server that provides AI assistants access to
n8n nod ...)
TODO: check
CVE-2026-42224 (ipl/web is a set of common web components for php projects.
Prior to v ...)
@@ -147,11 +147,11 @@ CVE-2026-42069 (Kirby is an open-source content
management system. Prior to vers
CVE-2026-42051 (Kirby is an open-source content management system. Prior to
versions 4 ...)
TODO: check
CVE-2026-41705 (Spring AI's MilvusVectorStore#doDelete(List) implementation is
vulnera ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2026-41520 (Cilium is a networking, observability, and security solution
with an e ...)
TODO: check
CVE-2026-41517 (Emlog is an open source website building system. Prior to
version 2.6. ...)
- TODO: check
+ NOT-FOR-US: Emlog
CVE-2026-41495 (n8n-MCP is an MCP server that provides AI assistants access to
n8n nod ...)
TODO: check
CVE-2026-41486 (Ray is an AI compute engine. From version 2.54.0 to before
version 2.5 ...)
@@ -161,9 +161,9 @@ CVE-2026-41432 (New API is a large language mode (LLM)
gateway and artificial in
CVE-2026-41311 (LiquidJS is a Shopify / GitHub Pages compatible template
engine in pur ...)
TODO: check
CVE-2025-15634 (A missing authorization vulnerability in HCL BigFix WebUI
allows an au ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-15633 (An improper authorization vulnerability in HCL BigFix WebUI
allows an ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2026-XXXX [Fix security vulnerabilities and code quality issues in 9.8]
- calibre 9.8.0+ds+~0.10.5-1 (bug #1135543)
NOTE:
https://github.com/kovidgoyal/calibre/commit/b0c4ba19686232d5bff99d58ce6019546ef4d166
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41a60c59f76db2e894ec43a12ef5f4024a72f417
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41a60c59f76db2e894ec43a12ef5f4024a72f417
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
