Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1009772e by Moritz Muehlenhoff at 2026-07-07T09:43:35+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,61 +13,61 @@ CVE-2026-58403 (Hugo is a static site generator. From 
v0.123.0 through v0.163.0,
 CVE-2026-58402 (Hugo is a static site generator. From 0.60.0 until 0.163.3, 
Hugo's def ...)
        TODO: check
 CVE-2026-58315 (Cross-site request forgery vulnerability exists in SEIKO EPSON 
Web Con ...)
-       TODO: check
+       NOT-FOR-US: SEIKO
 CVE-2026-57871 (Relative path traversal vulnerability in MicroRealEstate file 
upload f ...)
-       TODO: check
+       NOT-FOR-US: MicroRealEstate
 CVE-2026-57870 (Broken object-level access control on the Template API in 
MicroRealEst ...)
-       TODO: check
+       NOT-FOR-US: MicroRealEstate
 CVE-2026-57869 (Broken object-level access controls and the use of a 
deterministic pat ...)
-       TODO: check
+       NOT-FOR-US: MicroRealEstate
 CVE-2026-57868 (MicroRealEstate is affected by broken object-level access 
controls in  ...)
-       TODO: check
+       NOT-FOR-US: MicroRealEstate
 CVE-2026-57867 (MicroRealEstate allows adversaries to bypass authentication 
due to a l ...)
-       TODO: check
+       NOT-FOR-US: MicroRealEstate
 CVE-2026-57573 (Crawl4AI is an open-source LLM-friendly web crawler and 
scraper. Prior ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-57572 (Crawl4AI is an open-source LLM-friendly web crawler and 
scraper. Prior ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-57571 (Crawl4AI is an open-source LLM-friendly web crawler and 
scraper. Prior ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-55727 (A flaw in the authentication mechanism for video stream 
requests in Ge ...)
        TODO: check
 CVE-2026-55646 (vLLM is an inference and serving engine for large language 
models. Fro ...)
-       TODO: check
+       - vllm <itp> (bug #1095237)
 CVE-2026-55574 (vLLM is a high-throughput and memory-efficient inference and 
serving e ...)
-       TODO: check
+       - vllm <itp> (bug #1095237)
 CVE-2026-55514 (vLLM is a library for LLM inference and serving. From 0.12.0 
to before ...)
-       TODO: check
+       - vllm <itp> (bug #1095237)
 CVE-2026-54765 (Traefik is an open source HTTP reverse proxy and load 
balancer. From v ...)
-       TODO: check
+       - traefik <itp> (bug #983289)
 CVE-2026-54764 (Traefik is an HTTP reverse proxy and load balancer. Prior to 
v2.11.51, ...)
-       TODO: check
+       - traefik <itp> (bug #983289)
 CVE-2026-54763 (Traefik is an HTTP reverse proxy and load balancer. Prior to 
v2.11.51, ...)
-       TODO: check
+       - traefik <itp> (bug #983289)
 CVE-2026-54709
        REJECTED
 CVE-2026-54234 (vLLM is a high-throughput and memory-efficient inference and 
serving e ...)
-       TODO: check
+       - vllm <itp> (bug #1095237)
 CVE-2026-53763 (OP-TEE is a Trusted Execution Environment (TEE) designed as 
companion  ...)
        TODO: check
 CVE-2026-53648 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53647 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53646 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53645 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53644 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53643 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53642 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53641 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-53640 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-50135 (Hugo is a static site generator. From 0.123.0 to 0.161.1, a 
regression ...)
        TODO: check
 CVE-2026-50134 (Hugo is a static site generator. From 0.91.0 until 0.162.0, 
resources. ...)
@@ -81,41 +81,41 @@ CVE-2026-48267 (DNG SDK versions 1.7.1 2536 and earlier are 
affected by a NULL P
 CVE-2026-44362 (OP-TEE is a Trusted Execution Environment (TEE) designed as 
companion  ...)
        TODO: check
 CVE-2026-43928 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-43927 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-43925 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-43921 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-43918 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-42546 (OP-TEE is a Trusted Execution Environment (TEE) designed as 
companion  ...)
        TODO: check
 CVE-2026-42341 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-42331 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-42204 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42201 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42200 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42172 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42153 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42148 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42147 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42145 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-42143 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-41899 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-41516 (OP-TEE is a Trusted Execution Environment (TEE) designed as 
companion  ...)
        TODO: check
 CVE-2026-41515 (OP-TEE is a Trusted Execution Environment (TEE) designed as 
companion  ...)
@@ -129,51 +129,51 @@ CVE-2026-38976 (mrubyc through 3.4.1 was found to contain 
a NULL pointer derefer
 CVE-2026-38973 (mrubyc through release3.4.1 was found to contain an 
out-of-bounds read ...)
        TODO: check
 CVE-2026-34599 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34198 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34171 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34170 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34168 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34167 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34158 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34153 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34152 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34149 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34058 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34057 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34050 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34049 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34048 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34047 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34044 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34038 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34037 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34035 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-34034 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-33734 (FOSSBilling is a free, open-source billing and client 
management syste ...)
-       TODO: check
+       NOT-FOR-US: FOSSBilling
 CVE-2026-32718 (Coolify is an open-source and self-hostable tool for managing 
servers, ...)
-       TODO: check
+       NOT-FOR-US: Coolify
 CVE-2026-27844 (Uncaught Exception (CWE-248)in the Controller 6000 and 
Controller 7000 ...)
        NOT-FOR-US: Gallagher
 CVE-2026-27790 (Uncaught Exception (CWE-248)inthe T20 Readersallows an 
authenticated a ...)
@@ -197,7 +197,7 @@ CVE-2026-21369 (Memory Corruption when handling flash 
commands due to outdated L
 CVE-2026-21368 (Memory Corruption when parsing jpeg commands due to 
unaccounted extra  ...)
        NOT-FOR-US: Qualcomm
 CVE-2026-14898 (The OpenAI Codex desktop app for macOS rendered remote images 
from Mar ...)
-       TODO: check
+       NOT-FOR-US: OpenAI
 CVE-2026-14536 (Improper enforcement of a mandatory multi-factor 
authentication policy ...)
        NOT-FOR-US: Devolutions
 CVE-2026-14471 (Improper Neutralization of Special Elements in the 
metrics-service ret ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1009772e62ec630c88486574dc71d96c8413bb20

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1009772e62ec630c88486574dc71d96c8413bb20
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to