Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
333b6327 by Salvatore Bonaccorso at 2026-07-12T21:23:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2026-61876 (LuCI versions fail to properly encode DHCPv6 lease hostnames 
before re ...)
-       TODO: check
+       NOT-FOR-US: LuCI
 CVE-2026-61875 (luci-app-upnp contains a stored cross-site scripting 
vulnerability tha ...)
-       TODO: check
+       NOT-FOR-US: luci-app-upnp
 CVE-2026-61874 (filebrowser versions before 2.63.17 fail to normalize paths 
before que ...)
-       TODO: check
+       NOT-FOR-US: filebrowser
 CVE-2026-59260 (OpenWrt luci-app-samba4 read ACL grants file.exec permission 
on /usr/s ...)
-       TODO: check
+       NOT-FOR-US: OpenWRT luci-app-samba4
 CVE-2026-58596 (Untrusted pointer dereference in Microsoft Edge 
(Chromium-based) allow ...)
        NOT-FOR-US: Microsoft
 CVE-2026-56336 (Capgo before 12.128.2 contains an information disclosure 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Cap-go
 CVE-2026-56313 (Capgo before 12.128.2 contains a cross-organization account 
disruption ...)
-       TODO: check
+       NOT-FOR-US: Cap-go
 CVE-2026-56308 (Capgo before 12.128.2 allows email address changes without 
requiring c ...)
-       TODO: check
+       NOT-FOR-US: Cap-go
 CVE-2026-56281 (Capgo before 12.128.2 contains a sql injection vulnerability 
in the PO ...)
-       TODO: check
+       NOT-FOR-US: Cap-go
 CVE-2026-56271 (Flowise before 3.1.0 (affected versions 3.0.13 and earlier) 
uses weak  ...)
        NOT-FOR-US: Flowise
 CVE-2026-56260 (Crawl4AI before 0.8.7 contains an arbitrary file write 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-56259 (Crawl4AI before 0.8.8 contains credential exfiltration 
vulnerabilities ...)
-       TODO: check
+       NOT-FOR-US: Crawl4AI
 CVE-2026-56252 (Capgo before 12.128.2 contains a scope isolation vulnerability 
in the  ...)
-       TODO: check
+       NOT-FOR-US: Cap-go
 CVE-2026-56241 (Capgo before 12.128.2 contains a privilege escalation 
vulnerability wh ...)
-       TODO: check
+       NOT-FOR-US: Cap-go
 CVE-2026-56238 (Capgo before 12.128.2 contains an information disclosure 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Cap-go
 CVE-2026-15502 (A vulnerability was detected in AojiaoZero Antaris 1.0. This 
affects t ...)
        TODO: check
 CVE-2026-15501 (A security vulnerability has been detected in AstrBotDevs 
AstrBot up t ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/333b6327702fa215ec5eece0f434b98faff53362

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/333b6327702fa215ec5eece0f434b98faff53362
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to