Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ace15197 by security tracker role at 2026-07-04T07:14:01+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2026-58597 (Insufficient ui warning of dangerous operations in Microsoft
Edge (Chr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58524 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58523 (Improper access control in Microsoft Edge for Android allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58522 (Relative path traversal in Microsoft Edge for Android allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58426 (Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows
cross-repo ...)
TODO: check
CVE-2026-58424 (Permanent Fork PR Workflow Approval Gate Bypass)
@@ -21,85 +21,85 @@ CVE-2026-58419 (Notification API leaks private issue
metadata after access revoc
CVE-2026-58418 (SSRF via HTTP Redirect in Repository Migration)
TODO: check
CVE-2026-58300 (Absolute path traversal in Microsoft Edge for Android allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58299 (Time-of-check time-of-use (toctou) race condition in Microsoft
Edge fo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58298 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58297 (Exposure of private personal information to an unauthorized
actor in M ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58296 (Exposure of private personal information to an unauthorized
actor in M ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58295 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58294 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58293 (External control of file name or path in Microsoft Edge
(Chromium-base ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58292 (Improper input validation in Microsoft Edge (Chromium-based)
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58291 (Operation on a resource after expiration or release in
Microsoft Edge ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58290 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58289 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58288 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58287 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58286 (Improper access control in Microsoft Edge (Chromium-based)
allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58285 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58284 (Improper authorization in Microsoft Edge (Chromium-based)
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58283 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58282 (Improper access control in Microsoft Edge (Chromium-based)
allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58278 (Server-side request forgery (ssrf) in Microsoft Edge
(Chromium-based) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58276 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57993 (Server-side request forgery (ssrf) in Microsoft Edge
(Chromium-based) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57992 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57991 (Improper link resolution before file access ('link following')
in Micr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57988 (Relative path traversal in Microsoft Edge (Chromium-based)
allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57987 (Server-side request forgery (ssrf) in Microsoft Edge
(Chromium-based) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57986 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57985 (Improper input validation in Microsoft Edge (Chromium-based)
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57984 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57983 (Improper authorization in Microsoft Edge (Chromium-based)
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57981 (Use after free in Microsoft Edge (Chromium-based) allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57977 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57975 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57974 (Integer overflow or wraparound in Microsoft Edge
(Chromium-based) allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56646 (Exposure of sensitive information to an unauthorized actor in
Microsof ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56645 (Heap-based buffer overflow in Microsoft Edge (Chromium-based)
allows a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55945 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54424 (An Incorrect Use of Privileged APIs vulnerability in Unity
Parsec on W ...)
TODO: check
CVE-2026-45489 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-45488 (User interface (ui) misrepresentation of critical information
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-28744 (Gitea versions up to and including 1.26.1 allow Git smart HTTP
request ...)
TODO: check
CVE-2026-28740 (Gitea versions up to and including 1.26.2 allow Git LFS object
reuse t ...)
@@ -175,9 +175,9 @@ CVE-2026-14611 (A vulnerability has been found in DeepMyst
Mysti up to 0.4.0. Th
CVE-2026-14610 (A flaw has been found in Open Asset Import Library Assimp up
to 6.0.5. ...)
TODO: check
CVE-2026-14609 (A vulnerability was detected in SourceCodester CET Automated
Grading S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-14608 (A security vulnerability has been detected in SourceCodester
CET Autom ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-14607 (A weakness has been identified in RT-Thread up to 5.0.2. This
affects ...)
TODO: check
CVE-2026-14606 (A security flaw has been discovered in RT-Thread up to 5.0.2.
Affected ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ace151975a6f896fefd921e4bfcceb525eb3c0ec
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ace151975a6f896fefd921e4bfcceb525eb3c0ec
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits