Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0263ba04 by Salvatore Bonaccorso at 2026-07-13T22:01:41+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,13 +13,13 @@ CVE-2026-6875 (ServiceNow has addressed a remote code
execution vulnerability th
CVE-2026-6850 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x
<= 10. ...)
- mattermost-server <itp> (bug #823556)
CVE-2026-6847 (Remote Code Execution vulnerability exists in ThemisNETPanel
due to mi ...)
- TODO: check
+ NOT-FOR-US: ThemisNETPanel
CVE-2026-6541 (Mattermost versions 11.7.x <= 11.7.1, 11.6.x <= 11.6.4, 10.11.x
<= 10. ...)
- mattermost-server <itp> (bug #823556)
CVE-2026-62147 (The Tempo Operator's gateway component failed to consistently
apply na ...)
- TODO: check
+ NOT-FOR-US: Red Hat Tempo Operator
CVE-2026-62143 (A Server-Side Request Forgery (SSRF) protection bypass existed
in the ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2026-61985 (Missing Authorization vulnerability in magepeopleteam Car
Rental Manag ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-61983 (Missing Authorization vulnerability in andy_moyle Church Admin
church- ...)
@@ -47,25 +47,25 @@ CVE-2026-61952 (Missing Authorization vulnerability in Jose
Vega WooCommerce Bul
CVE-2026-61692
REJECTED
CVE-2026-61505 (Rejetto HFS 3.0.0 through 3.2.0 allows path traversal through
the lang ...)
- TODO: check
+ NOT-FOR-US: Rejetto HFS
CVE-2026-61504 (Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in
its fall ...)
- TODO: check
+ NOT-FOR-US: Rejetto HFS
CVE-2026-61503 (Rejetto HFS 3.0.0 through 3.2.0 returns observably different
responses ...)
- TODO: check
+ NOT-FOR-US: Rejetto HFS
CVE-2026-61502 (Rejetto HFS 3.0.0 through 3.2.0 accepts state-changing API
requests vi ...)
- TODO: check
+ NOT-FOR-US: Rejetto HFS
CVE-2026-61501 (Rejetto HFS 3.0.0 through 3.2.0 renders log entries in the
administrat ...)
- TODO: check
+ NOT-FOR-US: Rejetto HFS
CVE-2026-61500 (Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie
signing key ...)
- TODO: check
+ NOT-FOR-US: Rejetto HFS
CVE-2026-61498 (Vitec Flamingo 4.12.2 contains an unauthenticated OS command
injection ...)
- TODO: check
+ NOT-FOR-US: Vitec Flamingo
CVE-2026-61463 (Shiori contains a privilege escalation vulnerability in the
account up ...)
- TODO: check
+ NOT-FOR-US: Shiori
CVE-2026-61462 (mcp-gitlab contains a path traversal vulnerability in the
job_id param ...)
- TODO: check
+ NOT-FOR-US: mcp-gitlab
CVE-2026-60121 (Vitec Flamingo 4.12.2 contains an unauthenticated OS command
injection ...)
- TODO: check
+ NOT-FOR-US: Vitec Flamingo
CVE-2026-60103 (Blender 3.0.0 through 5.1.2 contains an out-of-bounds read
vulnerabili ...)
TODO: check
CVE-2026-59523 (Missing Authorization vulnerability in NSquared Simply
Schedule Appoin ...)
@@ -466,9 +466,9 @@ CVE-2026-10085 (Mattermost versions 11.7.x <= 11.7.2,
11.6.x <= 11.6.4, 10.11.x
CVE-2025-45869 (LogicalDOC Enterprise Version up to and before v9.1.1 is
vulnerable to ...)
TODO: check
CVE-2026-9492 (The MBStorage DRAM lighting control module within Gigabyte
Control Cen ...)
- TODO: check
+ NOT-FOR-US: Gigabyte Control Center (GCC)
CVE-2026-7162 (Successful exploitation of the integer overflow vulnerability
could al ...)
- TODO: check
+ NOT-FOR-US: WinFsp
CVE-2026-15553 (Enterprise Cloud Database developed by Ragic has a Arbitrary
File Uplo ...)
TODO: check
CVE-2026-15552 (Enterprise Cloud Database developed by Ragic has a Stored
Cross-Site S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0263ba048f0e31c3943207de1e54e156185b0095
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0263ba048f0e31c3943207de1e54e156185b0095
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits