Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f04d8b4d by Salvatore Bonaccorso at 2026-07-03T20:17:50+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -67,7 +67,7 @@ CVE-2026-55726 (The Azure Blob Storage container used for
Gardyn device logs is
CVE-2026-54998 (Incorrect authorization in Microsoft Exchange Online allows an
authori ...)
NOT-FOR-US: Microsoft
CVE-2026-54477 (The admin panel lacks standard security headers, enabling
clickjacking ...)
- TODO: check
+ NOT-FOR-US: Gardyn
CVE-2026-52830 (fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1,
fast-mcp- ...)
NOT-FOR-US: fast-mcp-telegram
CVE-2026-52192 (An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a
remote at ...)
@@ -99,7 +99,7 @@ CVE-2026-38972 (Notepad3 through 6.25.822.1 contains a DLL
search-order hijackin
CVE-2026-38971 (ardupilot through Plane-4.6.3 was found to contain an
out-of-bounds re ...)
NOT-FOR-US: ardupilot
CVE-2026-38970 (pdfcpu through v0.11.1 contains an uncontrolled-recursion
denial-of-se ...)
- TODO: check
+ NOT-FOR-US: pdfcpu
CVE-2026-38969 (ruby webrick through v1.9.2 WEBrick reparses trailer
Content-Length in ...)
TODO: check
CVE-2026-38968 (ntopng through 6.6 is vulnerable to Predictable Session
Identifier whi ...)
@@ -483,7 +483,7 @@ CVE-2026-49779 (Customer Path Traversal in Tax Exempt for
WooCommerce <= 1.9.3 v
CVE-2026-44941 (A relative path traversal in the "keyhint" option in
repomd.xml parsin ...)
TODO: check
CVE-2026-44935 (Missing validation of "valuesFrom" references in Helm Deployer
of SUSE ...)
- TODO: check
+ NOT-FOR-US: Rancher Fleet
CVE-2026-42382 (Unauthenticated Local File Inclusion in Audrey <= 1.5
versions.)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-39448 (Unauthenticated Broken Access Control in NOWPayments for
WooCommerce < ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f04d8b4dea67bde2beecbdef86c3a4613bcab0ef
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f04d8b4dea67bde2beecbdef86c3a4613bcab0ef
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits