Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2663765f by Moritz Muehlenhoff at 2026-06-25T11:13:43+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -73,7 +73,7 @@ CVE-2026-5309 (GitLab has remediated an issue in GitLab EE
affecting all version
CVE-2026-5305 (The Email Address Encoder WordPress plugin before 1.0.25,
email-encode ...)
NOT-FOR-US: WordPress plugin
CVE-2026-57589 (sys/kern/sysv_sem.c in OpenBSD through 7.9 has a
use-after-free allowi ...)
- TODO: check
+ NOT-FOR-US: OpenBSD
CVE-2026-55762 (Rocket.Chat is an open-source, secure, fully customizable
communicatio ...)
NOT-FOR-US: Rocket.Chat
CVE-2026-55759 (Rocket.Chat is an open-source, secure, fully customizable
communicatio ...)
@@ -217,25 +217,25 @@ CVE-2026-39894 (Cacti is an open source performance and
fault management framewo
CVE-2026-39893 (Cacti is an open source performance and fault management
framework. In ...)
TODO: check
CVE-2026-33543 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-33235 (AutoGPT is a workflow automation platform for creating,
deploying, and ...)
- TODO: check
+ NOT-FOR-US: AutoGPT
CVE-2026-32315 (motionEye (mEye) is an online interface for motion software, a
video s ...)
- TODO: check
+ NOT-FOR-US: motionEye (mEye)
CVE-2026-31978 (motionEye (mEye) is an online interface for motion software,
which is ...)
- TODO: check
+ NOT-FOR-US: motionEye (mEye)
CVE-2026-2508 (The Gravity Forms Booking plugin for WordPress is vulnerable to
time-b ...)
NOT-FOR-US: WordPress plugin
CVE-2026-2238 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
NOT-FOR-US: GitLab (used to be packaged in the Debian archive as
src:gitlab, but never in a stable release)
CVE-2026-27708 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-25119 (Gogs is an open source self-hosted Git service. Prior to
0.14.3, when ...)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2026-23879 (py7zr is a Python-based library and utility to support 7zip
archive co ...)
TODO: check
CVE-2026-1840 (The Aclara Metrum Cellular Web Interface is vulnerable to
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Aclara Metrum Cellular Web Interface
CVE-2026-1606 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
NOT-FOR-US: GitLab (used to be packaged in the Debian archive as
src:gitlab, but never in a stable release)
CVE-2026-13311 (shell-quote prior to 1.8.5 finalizes parsed tokens in parse()
using Ar ...)
@@ -2574,7 +2574,7 @@ CVE-2026-41479 (Authlib is a Python library which builds
OAuth and OpenID Connec
CVE-2026-39904 (Gophish through 0.12.1 contains a denial of service
vulnerability that ...)
NOT-FOR-US: Gophish
CVE-2026-12866 (All versions of the package expr-eval are vulnerable to Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Node expr-eval
CVE-2026-11833 (Overview: A vulnerability has been found in FAST/TOOLS and CI
Server. ...)
NOT-FOR-US: Yokogawa
CVE-2026-10852 (IBM WebSphere Application Server and IBM WebSphere Application
Server ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2663765f740a5fb28831655a06b8ab11eadcac87
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2663765f740a5fb28831655a06b8ab11eadcac87
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits