Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fbaa77e5 by security tracker role at 2026-05-18T19:14:12+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49,11 +49,11 @@ CVE-2026-4273 (Mattermost versions 11.5.x <= 11.5.1,
10.11.x <= 10.11.13 fail to
CVE-2026-45829 (A pre-authentication, code injection vulnerability in version
1.0.0 or ...)
TODO: check
CVE-2026-45495 (Microsoft Edge (Chromium-based) Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-45494 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-45492 (Improper input validation in Microsoft Edge (Chromium-based)
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-45243 (Summarize prior to 0.15.1 contains a missing authorization
vulnerabili ...)
TODO: check
CVE-2026-45242 (Summarize prior to 0.15.1 contains a path traversal
vulnerability in t ...)
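Review bot: The three Microsoft Edge (Chromium-based) entries (CVE-2026-45495, CVE-2026-45494, CVE-2026-45492) are closed as NOT-FOR-US: Microsoft, but the descriptions shown do not say whether the flaw is in Edge-specific code or in the shared Chromium code base, which Debian packages as chromium. Because this update is automatic, confirm that each one is Edge-only before dropping the TODO: check. Any that turns out to be an upstream Chromium issue should be tracked against the chromium source package instead.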
@@ -63,7 +63,7 @@ CVE-2026-45231 (DumbAssets through 1.0.11 contains a stored
cross-site scripting
CVE-2026-45230 (DumbAssets through 1.0.11 contains a path traversal
vulnerability in t ...)
TODO: check
CVE-2026-42822 (Improper authentication in Azure Local Disconnected Operations
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-41949 (Dify version 1.14.1 and prior contain an authorization bypass
vulnerab ...)
TODO: check
CVE-2026-41948 (Dify version 1.14.1 and prior contain a path traversal
vulnerability t ...)
@@ -71,7 +71,7 @@ CVE-2026-41948 (Dify version 1.14.1 and prior contain a path
traversal vulnerabi
CVE-2026-41947 (Dify version 1.14.1 and prior contains an authorization bypass
vulnera ...)
TODO: check
CVE-2026-41119 (Dell Live Optics Windows and Personal Edition collectors
contain an im ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-41085 (Thermo Fisher Scientific Torrent Suite Dx through 5.14.2 has a
privile ...)
TODO: check
CVE-2026-3637 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13,
11.4.x <= 1 ...)
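Review bot: Style point on CVE-2026-41119: the tag is written "Dell / EMC" with a spaced slash, while every other tag in this commit is a single vendor name and the description itself names only Dell Live Optics. If NOT-FOR-US tags are matched or grouped by their exact string, confirm this is the established spelling for Dell products so the entry does not end up under a separate vendor label.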
@@ -87,7 +87,7 @@ CVE-2026-39079 (An issue in prestashop upsshipping all
versions through at least
CVE-2026-38719 (OpENer v2.3-558-g1e99582 contains an out-of-bounds read
vulnerability ...)
TODO: check
CVE-2026-36438 (An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T
allows ...)
- TODO: check
+ NOT-FOR-US: Intelbras
CVE-2026-32849 (NetBSD prior to commit ec8451e contains a signed integer
overflow vuln ...)
TODO: check
CVE-2026-32848 (NetBSD prior to commit ec8451e contains a race condition
vulnerability ...)
@@ -109,9 +109,9 @@ CVE-2026-28732 (Mattermost versions 11.5.x <= 11.5.1,
10.11.x <= 10.11.13, 11.4.
CVE-2026-26462 (Offline Hospital Management System 5.3.0 allows remote code
execution ...)
TODO: check
CVE-2026-20685 (An attacker in a privileged network position may be able to
leak sensi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-0983 (Denial-of-service condition in M-Files Server versions before
26.5.160 ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2025-57282 (ngrok v4.3.3 and 5.0.0-beta.2 is vulnerable to Command
Injection.)
TODO: check
CVE-2025-56352 (In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962
(2024-02-1 ...)
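Review bot: CVE-2026-20685 is marked NOT-FOR-US: Apple, but the visible part of its description ("An attacker in a privileged network position may be able to leak sensi ...") names no product or component. Apple-assigned CVEs sometimes cover code that Debian also ships (WebKit, for example), so read the full description before accepting the automatic classification. The M-Files Server entry below it names its product and raises no such question.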
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbaa77e5df85379b4b145153618092a659112b99
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits