Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c19da0cd by Moritz Muehlenhoff at 2026-05-27T09:51:33+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -499,9 +499,9 @@ CVE-2026-45728 (Algernon is a small self-contained pure-Go
web server. Prior to
CVE-2026-45721 (Algernon is a small self-contained pure-Go web server. Prior
to 1.17.7 ...)
NOT-FOR-US: github.com/xyproto/algernon
CVE-2026-45247 (Mirasvit Full Page Cache Warmer for Magento 2 before version
1.11.12 c ...)
- TODO: check
+ NOT-FOR-US: Magento addon
CVE-2026-45082 (Karakeep is a elf-hostable bookmark-everything app. A
Server-Side Requ ...)
- TODO: check
+ NOT-FOR-US: Karakeep
CVE-2026-44776 (Kavita is a cross platform reading server. Prior to 0.9.0, the
downloa ...)
NOT-FOR-US: Kavita
CVE-2026-44775 (Kavita is a cross platform reading server. Prior to 0.9.0, the
ReaderC ...)
@@ -523,11 +523,11 @@ CVE-2026-44706 (Chatwoot is a customer engagement suite.
From 2.2.0 to before 4.
CVE-2026-44680 (MikroORM is a TypeScript ORM for Node.js based on Data Mapper,
Unit of ...)
NOT-FOR-US: MikroORM
CVE-2026-44669 (FACTION is a PenTesting Report Generation and Collaboration
Framework. ...)
- TODO: check
+ NOT-FOR-US: FACTION
CVE-2026-44668 (FACTION is a PenTesting Report Generation and Collaboration
Framework. ...)
- TODO: check
+ NOT-FOR-US: FACTION
CVE-2026-44667 (FACTION is a PenTesting Report Generation and Collaboration
Framework. ...)
- TODO: check
+ NOT-FOR-US: FACTION
CVE-2026-44502 (Bugsink is a self-hosted error tracking tool. Prior to 2.1.3,
Bugsink\ ...)
NOT-FOR-US: Bugsink
CVE-2026-44469 (The affected product extracts installation files to a
temporary direct ...)
@@ -553,19 +553,19 @@ CVE-2026-43919
CVE-2026-42785 (OpenKM 6.3.12 contains a remote code execution vulnerability
that allo ...)
NOT-FOR-US: OpenKM
CVE-2026-42448 (Magic Wormhole makes it possible to get arbitrary-sized files
and dire ...)
- TODO: check
+ NOT-FOR-US: Magic Wormhole
CVE-2026-42425 (OpenKM 6.3.12 contains an unrestricted SQL execution
vulnerability tha ...)
- TODO: check
+ NOT-FOR-US: OpenKM
CVE-2026-42347
REJECTED
CVE-2026-41917 (OpenKM 6.3.12 contains a local file inclusion vulnerability in
the adm ...)
- TODO: check
+ NOT-FOR-US: OpenKM
CVE-2026-41401 (libyang before 5.2.6 contains a heap use-after-free write
vulnerabilit ...)
TODO: check
CVE-2026-41164 (nuts-node is the reference implementation of the Nuts
specification. P ...)
TODO: check
CVE-2026-40564 (Files or Directories Accessible to External Parties,
Server-Side Reque ...)
- TODO: check
+ NOT-FOR-US: Apache Flink Kubernetes Operator
CVE-2026-40384 (An improper validation of the search parameter of the
com_media files ...)
NOT-FOR-US: Joomla
CVE-2026-40383 (An improper validation of user-supplied input leads to a local
file in ...)
@@ -585,7 +585,7 @@ CVE-2026-39655 (Missing Authorization vulnerability in
TeconceTheme Mayosis Core
CVE-2026-39642 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-38587 (An Insecure Direct Object Reference (IDOR) vulnerability was
discovere ...)
- TODO: check
+ NOT-FOR-US: ONLYOFFICE
CVE-2026-35223 (An improper access check allows unauthorized access to
com_config webs ...)
NOT-FOR-US: Joomla
CVE-2026-35222 (Improperly validated order clauses lead to a SQL injection
vulnerabili ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c19da0cd382101c4c4664d0b589d561e396b1de8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c19da0cd382101c4c4664d0b589d561e396b1de8
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
