Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
301dcac4 by Salvatore Bonaccorso at 2026-05-09T10:33:12+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,37 +35,37 @@ CVE-2026-44656 (Vim is an open source, command line text
editor. Prior to versio
CVE-2026-44400 (MailEnable Enterprise Premium 10.55 and earlier contains an
improper a ...)
NOT-FOR-US: MailEnable
CVE-2026-44313 (Linkwarden is a self-hosted, open-source collaborative
bookmark manage ...)
- TODO: check
+ NOT-FOR-US: Linkwarden
CVE-2026-44286 (FastGPT is an AI Agent building platform. Prior to version
4.14.17, an ...)
- TODO: check
+ NOT-FOR-US: FastGPT
CVE-2026-44284 (FastGPT is an AI Agent building platform. Prior to version
4.14.17, Fa ...)
- TODO: check
+ NOT-FOR-US: FastGPT
CVE-2026-42560 (auth provides authentication via oauth2, direct and email.
From versio ...)
TODO: check
CVE-2026-42556 (Postiz is an AI social media scheduling tool. From version
2.21.6 to b ...)
- TODO: check
+ NOT-FOR-US: Postiz
CVE-2026-42461 (Arcane is an interface for managing Docker containers, images,
network ...)
- TODO: check
+ NOT-FOR-US: Arcane
CVE-2026-42456 (AnythingLLM is an application that turns pieces of content
into contex ...)
- TODO: check
+ NOT-FOR-US: AnythingLLM
CVE-2026-42455 (Linkwarden is a self-hosted, open-source collaborative
bookmark manage ...)
- TODO: check
+ NOT-FOR-US: Linkwarden
CVE-2026-42454 (Termix is a web-based server management platform with SSH
terminal, tu ...)
- TODO: check
+ NOT-FOR-US: Termix
CVE-2026-42453 (Termix is a web-based server management platform with SSH
terminal, tu ...)
- TODO: check
+ NOT-FOR-US: Termix
CVE-2026-42452 (Termix is a web-based server management platform with SSH
terminal, tu ...)
- TODO: check
+ NOT-FOR-US: Termix
CVE-2026-42451 (Grimmory is a self-hosted digital library. Prior to version
2.3.1, a s ...)
TODO: check
CVE-2026-42354 (Sentry is an error tracking and performance monitoring tool.
From vers ...)
- TODO: check
+ NOT-FOR-US: Sentry
CVE-2026-42352 (pygeoapi is a Python server implementation of the OGC API
suite of sta ...)
TODO: check
CVE-2026-42351 (pygeoapi is a Python server implementation of the OGC API
suite of sta ...)
TODO: check
CVE-2026-42350 (Kargo manages and automates the promotion of software
artifacts. Prior ...)
- TODO: check
+ NOT-FOR-US: Kargo
CVE-2026-42346 (Postiz is an AI social media scheduling tool. From version
2.16.6 to b ...)
NOT-FOR-US: Postiz
CVE-2026-42345 (FastGPT is an AI Agent building platform. In versions 4.14.11
and prio ...)
@@ -75,7 +75,7 @@ CVE-2026-42344 (FastGPT is an AI Agent building platform. In
versions 4.14.11 an
CVE-2026-42343 (FastGPT is an AI Agent building platform. In versions 4.14.13
and prio ...)
NOT-FOR-US: FastGPT
CVE-2026-42339 (New API is a large language mode (LLM) gateway and artificial
intellig ...)
- TODO: check
+ NOT-FOR-US: New API
CVE-2026-42311 (Pillow is a Python imaging library. From version 10.3.0 to
before vers ...)
TODO: check
CVE-2026-42310 (Pillow is a Python imaging library. From version 4.2.0 to
before versi ...)
@@ -87,19 +87,19 @@ CVE-2026-42308 (Pillow is a Python imaging library. Prior
to version 12.2.0, if
CVE-2026-42307 (Vim is an open source, command line text editor. Prior to
version 9.2. ...)
TODO: check
CVE-2026-42302 (FastGPT is an AI Agent building platform. From version 4.14.10
to befo ...)
- TODO: check
+ NOT-FOR-US: FastGPT
CVE-2026-42301 (pyp2spec generates working Fedora RPM spec file for Python
projects. P ...)
TODO: check
CVE-2026-42298 (Postiz is an AI social media scheduling tool. Prior to commit
da44801, ...)
- TODO: check
+ NOT-FOR-US: Postiz
CVE-2026-42297 (Argo Workflows is an open source container-native workflow
engine for ...)
- TODO: check
+ NOT-FOR-US: Argo
CVE-2026-42296 (Argo Workflows is an open source container-native workflow
engine for ...)
- TODO: check
+ NOT-FOR-US: Argo
CVE-2026-42295 (Argo Workflows is an open source container-native workflow
engine for ...)
- TODO: check
+ NOT-FOR-US: Argo
CVE-2026-42294 (Argo Workflows is an open source container-native workflow
engine for ...)
- TODO: check
+ NOT-FOR-US: Argo
CVE-2026-42291 (SysReptor is a fully customizable pentest reporting platform.
From ver ...)
TODO: check
CVE-2026-42287 (Emlog is an open source website building system. Prior to
version 2.6. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/301dcac466ad6948722e03e4f15f508849139d30
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/301dcac466ad6948722e03e4f15f508849139d30
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
