Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
253ae51a by Salvatore Bonaccorso at 2026-06-24T09:29:15+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,7 +31,7 @@ CVE-2026-9175 (The Devs Accounting \u2013 Simple Accounting
and Invoicing Soluti
CVE-2026-9172 (The Devs Accounting \u2013 Simple Accounting and Invoicing
Solution pl ...)
NOT-FOR-US: WordPress plugin
CVE-2026-9073 (A flaw was found in foreman-mcp-server. This component utilizes
two di ...)
- TODO: check
+ NOT-FOR-US: foreman-mcp-server
CVE-2026-8905 (The Osiris Signature Banner plugin for WordPress is vulnerable
to Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2026-8896 (The MIR blocks and shortcodes plugin for WordPress is
vulnerable to St ...)
@@ -55,13 +55,13 @@ CVE-2026-8614 (The Assistio plugin for WordPress is
vulnerable to unauthorized m
CVE-2026-7617 (The Secufor_OAuth plugin for WordPress is vulnerable to
unauthorized a ...)
NOT-FOR-US: WordPress plugin
CVE-2026-7574 (Anthropic Claude Desktop Cowork VM image handling (confirmed
across v1 ...)
- TODO: check
+ NOT-FOR-US: Anthropic Claude Desktop
CVE-2026-6458 (Missing cryptographic step in Caliptra Core Firmware
(aes_256_gcm_upda ...)
- TODO: check
+ NOT-FOR-US: Caliptra Core Firmware
CVE-2026-6292 (The MP Customize Login Page plugin for WordPress is vulnerable
to Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2026-5818 (Incorrect check of function return value in Caliptra Core
Runtime Firm ...)
- TODO: check
+ NOT-FOR-US: Caliptra Core Firmware
CVE-2026-56785 (FlatPress versions prior to commit 10be83c, contains a stored
cross-si ...)
TODO: check
CVE-2026-56120
@@ -71,9 +71,9 @@ CVE-2026-54762 (Traefik is an HTTP reverse proxy and load
balancer. From 3.7.0-e
CVE-2026-54761 (Traefik is an HTTP reverse proxy and load balancer. Prior to
3.6.21 an ...)
- traefik <itp> (bug #983289)
CVE-2026-54639 (Style Dictionary, a build system for creating cross-platform
styles, h ...)
- TODO: check
+ NOT-FOR-US: Style Dictionary
CVE-2026-54588 (Poweradmin is a web-based DNS administration tool for PowerDNS
server. ...)
- TODO: check
+ NOT-FOR-US: Poweradmin
CVE-2026-54555 (rtk filters and compresses command outputs before they reach
your LLM ...)
TODO: check
CVE-2026-54518 (jackson-databind contains the general-purpose data-binding
functionali ...)
@@ -99,17 +99,17 @@ CVE-2026-54326 (Pi is a minimal terminal coding harness.
From 0.74.0 until 0.78.
CVE-2026-54325 (Pi is a minimal terminal coding harness. Pi before 0.79.0
loaded proje ...)
TODO: check
CVE-2026-53931 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-53930 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-53929 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-53928 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-53927 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-53926 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-53622 (Traefik is an HTTP reverse proxy and load balancer. Prior to
3.7.3, th ...)
- traefik <itp> (bug #983289)
CVE-2026-50193 (jackson-databind contains the general-purpose data-binding
functionali ...)
@@ -123,53 +123,53 @@ CVE-2026-48491 (Traefik is an HTTP reverse proxy and load
balancer. From 3.7.0 u
CVE-2026-48020 (Traefik is an HTTP reverse proxy and load balancer. Prior to
2.11.48, ...)
- traefik <itp> (bug #983289)
CVE-2026-47693 (Poweradmin is a web-based DNS administration tool for PowerDNS
server. ...)
- TODO: check
+ NOT-FOR-US: Poweradmin
CVE-2026-47388 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47387 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47386 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47385 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47384 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47383 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47382 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47381 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47380 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47379 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47378 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47377 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47376 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47375 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-47279 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46554 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46553 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46552 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46551 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46550 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46549 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46548 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-46547 (NocoDB is software for building databases as spreadsheets.
Prior to 20 ...)
- TODO: check
+ NOT-FOR-US: NocoDB
CVE-2026-45792 (rtk filters and compresses command outputs before they reach
your LLM ...)
TODO: check
CVE-2026-41862 (Spring Statemachine's Kryo-based persistence backends (JPA,
MongoDB, R ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/253ae51a4414842af39b04f6ff10d9df874fa996
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/253ae51a4414842af39b04f6ff10d9df874fa996
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits