Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
616492e7 by Salvatore Bonaccorso at 2026-05-13T15:38:11+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -124,21 +124,21 @@ CVE-2026-44296 (Deskflow is a keyboard and mouse sharing
app. Prior to 1.26.0.16
CVE-2026-44262 (Scramble generates API documentation for Laravel project. From
0.13.2 ...)
TODO: check
CVE-2026-44260 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010,
the read ...)
- TODO: check
+ NOT-FOR-US: efw4.X
CVE-2026-44259 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010,
the prev ...)
- TODO: check
+ NOT-FOR-US: efw4.X
CVE-2026-44258 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010,
the elfi ...)
- TODO: check
+ NOT-FOR-US: efw4.X
CVE-2026-44257 (efw4.X is an Enterprise Framework for Web. Prior to 4.08.010,
efw.file ...)
- TODO: check
+ NOT-FOR-US: efw4.X
CVE-2026-44246 (nnU-Net is a semantic segmentation framework that
automatically adapts ...)
TODO: check
CVE-2026-44245 (Kyverno is a policy engine designed for cloud native platform
engineer ...)
- TODO: check
+ NOT-FOR-US: Kyverno
CVE-2026-44242 (Micronaut Framework is a JVM-based full stack Java framework
designed ...)
- TODO: check
+ NOT-FOR-US: Micronaut Framework
CVE-2026-44241 (Micronaut Framework is a JVM-based full stack Java framework
designed ...)
- TODO: check
+ NOT-FOR-US: Micronaut Framework
CVE-2026-44240 (basic-ftp is an FTP client for Node.js. Prior to 5.3.1,
basic-ftp is v ...)
TODO: check
CVE-2026-44232 (DSSRF is a Node.js library that provides a wide range of
utilities and ...)
@@ -152,7 +152,7 @@ CVE-2026-44223 (vLLM is an inference and serving engine for
large language model
CVE-2026-44222 (vLLM is an inference and serving engine for large language
models (LLM ...)
- vllm <itp> (bug #1095237)
CVE-2026-44221 (ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated
users an ...)
- TODO: check
+ NOT-FOR-US: ArcadeDB
CVE-2026-44220 (ciguard is a static security auditor for CI/CD pipelines. From
0.8.0 t ...)
TODO: check
CVE-2026-44219 (ciguard is a static security auditor for CI/CD pipelines. From
0.6.0 t ...)
@@ -162,7 +162,7 @@ CVE-2026-44218 (ciguard is a static security auditor for
CI/CD pipelines. From 0
CVE-2026-44217 (sse-channel is an SSE-implementation which can be used to any
node.js ...)
TODO: check
CVE-2026-44215 (NanaZip is an open source file archive. From 5.0.1252.0 to
before 6.0. ...)
- TODO: check
+ NOT-FOR-US: NanaZip
CVE-2026-44015 (Nginx UI is a web user interface for the Nginx web server. In
2.3.4 an ...)
TODO: check
CVE-2026-44012 (Craft CMS is a content management system (CMS). From 5.0.0-RC1
to befo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/616492e76cfb6016cb0251208a340d30250025ad
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/616492e76cfb6016cb0251208a340d30250025ad
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
