Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1075956d by Salvatore Bonaccorso at 2026-06-23T22:04:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -144,45 +144,45 @@ CVE-2026-54301 (n8n is an open source workflow automation 
platform. Prior to 1.1
 CVE-2026-54257 (Electron is a framework for writing cross-platform desktop 
application ...)
        - electron <itp> (bug #842420)
 CVE-2026-54157 (LobeHub is a work-and-lifestyle space to find, build, and 
collaborate  ...)
-       TODO: check
+       NOT-FOR-US: LobeHub
 CVE-2026-54022 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54021 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54019 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54018 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54016 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54015 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54014 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54013 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54012 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54011 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54010 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54009 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54008 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54007 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-54006 (Open WebUI is a self-hosted artificial intelligence platform 
designed  ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2026-53755 (Crawl4AI is an open-source LLM friendly web crawler & scraper. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-53754 (Crawl4AI is an open-source LLM friendly web crawler & scraper. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-53753 (Crawl4AI is an open-source LLM friendly web crawler & scraper. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-53662 (immich is a high performance self-hosted photo and video 
management so ...)
-       TODO: check
+       NOT-FOR-US: immich
 CVE-2026-52846 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
        TODO: check
 CVE-2026-52845 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
@@ -190,7 +190,7 @@ CVE-2026-52845 (Caddy is an extensible server platform that 
uses TLS by default.
 CVE-2026-52844 (Caddy is an extensible server platform that uses TLS by 
default. Prior ...)
        TODO: check
 CVE-2026-52673 (SQL Injection vulnerability in Cboard v.0.4.2 and before 
allows a remo ...)
-       TODO: check
+       NOT-FOR-US: Cboard
 CVE-2026-50574 (yt-dlp is a command-line audio/video downloader. Prior to 
2026.06.09,  ...)
        TODO: check
 CVE-2026-50023 (yt-dlp is a command-line audio/video downloader. Prior to 
2026.06.09,  ...)
@@ -198,53 +198,53 @@ CVE-2026-50023 (yt-dlp is a command-line audio/video 
downloader. Prior to 2026.0
 CVE-2026-50019 (yt-dlp is a command-line audio/video downloader. From 
2023.09.24 until ...)
        TODO: check
 CVE-2026-4983 (Open VSX Registry does not sanitize SVG files uploaded as 
extension ic ...)
-       TODO: check
+       NOT-FOR-US: Open VSX Registry
 CVE-2026-4610 (The ProfileGrid \u2013 User Profiles, Groups and Communities 
plugin fo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-49983 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-49860 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-49859 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-49465 (n8n is an open source workflow automation platform. Prior to 
1.123.48, ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2026-49444 (n8n is an open source workflow automation platform. Prior to 
1.123.48, ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2026-49440 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-49411 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-49406 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-49402 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-49401 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-48520 (Langflow is a tool for building and deploying AI-powered 
agents and wo ...)
-       TODO: check
+       NOT-FOR-US: Langflow
 CVE-2026-48519 (Langflow is a tool for building and deploying AI-powered 
agents and wo ...)
-       TODO: check
+       NOT-FOR-US: Langflow
 CVE-2026-45732 (n8n is an open source workflow automation platform. Prior to 
1.123.43, ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2026-45692 (Caddy is an extensible server platform that uses TLS by 
default. From  ...)
        TODO: check
 CVE-2026-45135 (Caddy is an extensible server platform that uses TLS by 
default. From  ...)
        TODO: check
 CVE-2026-44792 (n8n is an open source workflow automation platform. Prior to 
1.123.43, ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2026-44791 (n8n is an open source workflow automation platform. Prior to 
1.123.43, ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2026-44790 (n8n is an open source workflow automation platform. Prior to 
1.123.43, ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2026-44789 (n8n is an open source workflow automation platform. Prior to 
1.123.43, ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2026-44726 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
From 2.0.0  ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2026-44089 (TotolinkEX1200L router is vulnerable to Buffer Overflow in the 
login f ...)
        NOT-FOR-US: TOTOLINK
 CVE-2026-42867 (Langflow is a tool for building and deploying AI-powered 
agents and wo ...)
-       TODO: check
+       NOT-FOR-US: Langflow
 CVE-2026-35019 (NetComm NF20MESH routers running firmware R6B031 and earlier 
contain a ...)
        TODO: check
 CVE-2026-35018 (NetComm NF20MESH routers running firmware R6B031 and earlier 
contain a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1075956d994f845f05d759705310479291c57a86

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1075956d994f845f05d759705310479291c57a86
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to