Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1009772e by Moritz Muehlenhoff at 2026-07-07T09:43:35+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,61 +13,61 @@ CVE-2026-58403 (Hugo is a static site generator. From
v0.123.0 through v0.163.0,
CVE-2026-58402 (Hugo is a static site generator. From 0.60.0 until 0.163.3,
Hugo's def ...)
TODO: check
CVE-2026-58315 (Cross-site request forgery vulnerability exists in SEIKO EPSON
Web Con ...)
- TODO: check
+ NOT-FOR-US: SEIKO
CVE-2026-57871 (Relative path traversal vulnerability in MicroRealEstate file
upload f ...)
- TODO: check
+ NOT-FOR-US: MicroRealEstate
CVE-2026-57870 (Broken object-level access control on the Template API in
MicroRealEst ...)
- TODO: check
+ NOT-FOR-US: MicroRealEstate
CVE-2026-57869 (Broken object-level access controls and the use of a
deterministic pat ...)
- TODO: check
+ NOT-FOR-US: MicroRealEstate
CVE-2026-57868 (MicroRealEstate is affected by broken object-level access
controls in ...)
- TODO: check
+ NOT-FOR-US: MicroRealEstate
CVE-2026-57867 (MicroRealEstate allows adversaries to bypass authentication
due to a l ...)
- TODO: check
+ NOT-FOR-US: MicroRealEstate
CVE-2026-57573 (Crawl4AI is an open-source LLM-friendly web crawler and
scraper. Prior ...)
- TODO: check
+ NOT-FOR-US: Crawl4AI
CVE-2026-57572 (Crawl4AI is an open-source LLM-friendly web crawler and
scraper. Prior ...)
- TODO: check
+ NOT-FOR-US: Crawl4AI
CVE-2026-57571 (Crawl4AI is an open-source LLM-friendly web crawler and
scraper. Prior ...)
- TODO: check
+ NOT-FOR-US: Crawl4AI
CVE-2026-55727 (A flaw in the authentication mechanism for video stream
requests in Ge ...)
TODO: check
CVE-2026-55646 (vLLM is an inference and serving engine for large language
models. Fro ...)
- TODO: check
+ - vllm <itp> (bug #1095237)
CVE-2026-55574 (vLLM is a high-throughput and memory-efficient inference and
serving e ...)
- TODO: check
+ - vllm <itp> (bug #1095237)
CVE-2026-55514 (vLLM is a library for LLM inference and serving. From 0.12.0
to before ...)
- TODO: check
+ - vllm <itp> (bug #1095237)
CVE-2026-54765 (Traefik is an open source HTTP reverse proxy and load
balancer. From v ...)
- TODO: check
+ - traefik <itp> (bug #983289)
CVE-2026-54764 (Traefik is an HTTP reverse proxy and load balancer. Prior to
v2.11.51, ...)
- TODO: check
+ - traefik <itp> (bug #983289)
CVE-2026-54763 (Traefik is an HTTP reverse proxy and load balancer. Prior to
v2.11.51, ...)
- TODO: check
+ - traefik <itp> (bug #983289)
CVE-2026-54709
REJECTED
CVE-2026-54234 (vLLM is a high-throughput and memory-efficient inference and
serving e ...)
- TODO: check
+ - vllm <itp> (bug #1095237)
CVE-2026-53763 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
TODO: check
CVE-2026-53648 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53647 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53646 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53645 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53644 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53643 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53642 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53641 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-53640 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-50135 (Hugo is a static site generator. From 0.123.0 to 0.161.1, a
regression ...)
TODO: check
CVE-2026-50134 (Hugo is a static site generator. From 0.91.0 until 0.162.0,
resources. ...)
@@ -81,41 +81,41 @@ CVE-2026-48267 (DNG SDK versions 1.7.1 2536 and earlier are
affected by a NULL P
CVE-2026-44362 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
TODO: check
CVE-2026-43928 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-43927 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-43925 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-43921 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-43918 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-42546 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
TODO: check
CVE-2026-42341 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-42331 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-42204 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42201 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42200 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42172 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42153 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42148 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42147 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42145 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-42143 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-41899 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-41516 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
TODO: check
CVE-2026-41515 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
@@ -129,51 +129,51 @@ CVE-2026-38976 (mrubyc through 3.4.1 was found to contain
a NULL pointer derefer
CVE-2026-38973 (mrubyc through release3.4.1 was found to contain an
out-of-bounds read ...)
TODO: check
CVE-2026-34599 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34198 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34171 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34170 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34168 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34167 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34158 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34153 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34152 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34149 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34058 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34057 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34050 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34049 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34048 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34047 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34044 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34038 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34037 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34035 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-34034 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-33734 (FOSSBilling is a free, open-source billing and client
management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-32718 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
- TODO: check
+ NOT-FOR-US: Coolify
CVE-2026-27844 (Uncaught Exception (CWE-248)in the Controller 6000 and
Controller 7000 ...)
NOT-FOR-US: Gallagher
CVE-2026-27790 (Uncaught Exception (CWE-248)inthe T20 Readersallows an
authenticated a ...)
@@ -197,7 +197,7 @@ CVE-2026-21369 (Memory Corruption when handling flash
commands due to outdated L
CVE-2026-21368 (Memory Corruption when parsing jpeg commands due to
unaccounted extra ...)
NOT-FOR-US: Qualcomm
CVE-2026-14898 (The OpenAI Codex desktop app for macOS rendered remote images
from Mar ...)
- TODO: check
+ NOT-FOR-US: OpenAI
CVE-2026-14536 (Improper enforcement of a mandatory multi-factor
authentication policy ...)
NOT-FOR-US: Devolutions
CVE-2026-14471 (Improper Neutralization of Special Elements in the
metrics-service ret ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1009772e62ec630c88486574dc71d96c8413bb20
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1009772e62ec630c88486574dc71d96c8413bb20
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits