Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
905b16ba by Salvatore Bonaccorso at 2026-06-08T21:57:14+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36,41 +36,41 @@ CVE-2026-48913 (Use After Free vulnerability in Apache HTTP
Server module mod_ht
CVE-2026-48507 (Snipe-IT is an IT asset/license management system. A
vulnerability in ...)
- snipe-it <itp> (bug #1005172)
CVE-2026-48488 (phpMyFAQ is an open source FAQ web application. Prior to
version 4.1.4 ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2026-46657 (Bludit is a content management system. Versions prior to
3.22.0 have a ...)
- TODO: check
+ NOT-FOR-US: Bludit CMS
CVE-2026-46656 (Bludit is a content management system. Versions prior to
3.22.0 have a ...)
- TODO: check
+ NOT-FOR-US: Bludit CMS
CVE-2026-46490 (samlify is a Node.js library for SAML single sign-on. Prior to
version ...)
- TODO: check
+ NOT-FOR-US: Node samlify
CVE-2026-46486 (MVT (Mobile Verification Toolkit) helps with conducting
forensics of m ...)
- TODO: check
+ NOT-FOR-US: MVT (Mobile Verification Toolkit)
CVE-2026-46481 (OpenMetadata is a unified metadata platform. Prior to version
1.12.4, ...)
- TODO: check
+ NOT-FOR-US: OpenMetadata
CVE-2026-46480 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46479 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46478 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46477 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46476 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46475 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46444 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46443 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46442 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46441 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-46440 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-45581 (fabric-chaincode-java is a Java based implementation of
Hyperledger Fa ...)
- TODO: check
+ NOT-FOR-US: fabric-chaincode-java
CVE-2026-44631 (Buffer Underwrite vulnerability in Apache HTTP Server on
crafted regul ...)
- apache2 <unfixed>
NOTE:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-44631
@@ -95,11 +95,11 @@ CVE-2026-43951 (Out-of-bounds Read vulnerability in Apache
HTTP Server with mod_
- apache2 <unfixed>
NOTE:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-43951
CVE-2026-42863 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-42862 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-42861 (Flowise is a drag & drop user interface to build a customized
large la ...)
- TODO: check
+ NOT-FOR-US: Flowise
CVE-2026-42536 (Heap-based Buffer Overflow vulnerability in Apache HTTP Server
withmod ...)
- apache2 <unfixed>
NOTE:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-42536
@@ -107,13 +107,13 @@ CVE-2026-42535 (A path handling issue in mod_dav_fs in
Apache 2.4.67 and earlier
- apache2 <unfixed>
NOTE:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-42535
CVE-2026-41724 (VMware Cloud Foundation Operations contains multiple stored
cross-site ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2026-41723 (VMware Cloud Foundation Operations contains multiple stored
cross-site ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2026-41722 (VMware Cloud Foundation Operations contains multiple stored
cross-site ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2026-41448 (AdGuard Home, when started with the --glinet flag, contains an
authent ...)
- TODO: check
+ NOT-FOR-US: AdGuard Home
CVE-2026-3011 (The Recipe Card Blocks Lite plugin for WordPress is vulnerable
to Stor ...)
NOT-FOR-US: WordPress plugin
CVE-2026-39910 (STACKIT IaaS API contains a missing authorization check
vulnerability ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/905b16ba754c10c4660b3241f08daaf8fa8e857e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/905b16ba754c10c4660b3241f08daaf8fa8e857e
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
