Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f4b2b243 by Salvatore Bonaccorso at 2026-07-13T23:10:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -90,11 +90,11 @@ CVE-2026-59516 (Improper Neutralization of Input During Web 
Page Generation ('Cr
 CVE-2026-59515 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-59245 (In the Apache Airflow FAB auth manager, a DAG whose `dag_id` 
is `DAGs` ...)
-       TODO: check
+       NOT-FOR-US: Apache Airflow FAB auth manager
 CVE-2026-58228 (Cross-site scripting vulnerability in phoenixframework 
phoenix_live_vi ...)
-       TODO: check
+       NOT-FOR-US: phoenixframework phoenix_live_view
 CVE-2026-58065 (The Apache Airflow Git provider runs its git-over-SSH 
operations with  ...)
-       TODO: check
+       NOT-FOR-US: Apache Airflow Git provider
 CVE-2026-57830 (The Joomla extension Helix Ultimate is vulnerable to an 
unauthenticate ...)
        NOT-FOR-US: Joomla
 CVE-2026-57829 (The Joomla extension Helix Ultimate is vulnerable to an 
unauthenticate ...)
@@ -374,7 +374,7 @@ CVE-2026-57364 (Improper Validation of Specified Quantity 
in Input vulnerability
 CVE-2026-57363 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-55772 (CedarJava is an open source Java implementation of the Cedar 
policy la ...)
-       TODO: check
+       NOT-FOR-US: CedarJava
 CVE-2026-53365 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
        - linux 7.0.12-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -387,17 +387,17 @@ CVE-2026-53364 (In the Linux kernel, the following 
vulnerability has been resolv
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/bfa9d28960ed677d556bdf097073bc3129686229 (7.1-rc6)
 CVE-2026-4769 (Certain devices in the WAGO System I/O Field series activate an 
intern ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2026-4765 (Stored Cross-Site Scripting (XSS) vulnerability in the RD 
Station Conv ...)
-       TODO: check
+       NOT-FOR-US: RD Station Conversas chat
 CVE-2026-49972 (Laravel-Mediable before 7.0.0 contains a file upload 
vulnerability tha ...)
-       TODO: check
+       NOT-FOR-US: Laravel-Mediable
 CVE-2026-49971 (Laravel-Mediable before 7.0.0 contains a stored cross-site 
scripting v ...)
-       TODO: check
+       NOT-FOR-US: Laravel-Mediable
 CVE-2026-49970 (Laravel-Mediable before 7.0.0 contains a path traversal 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Laravel-Mediable
 CVE-2026-49969 (Laravel-Mediable before 7.0.0 contains a server-side request 
forgery v ...)
-       TODO: check
+       NOT-FOR-US: Laravel-Mediable
 CVE-2026-49876 (Authenticated SSRF in Gravitino JobManager allows server-side 
HTTP req ...)
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-41041 (URL path injection via unencoded user-supplied identifiers 
vulnerabili ...)
@@ -5372,7 +5372,7 @@ CVE-2026-58653 (PraisonAI before 0.1.7 fails to validate 
that project_id in issu
 CVE-2026-58652 (luci-app-travelmate (and the travelmate package) contain a 
privilege-e ...)
        NOT-FOR-US: luci-app-travelmate
 CVE-2026-58465 (Eclipse Wakaama before snapshot/2026-05-26 contains an 
unbounded memor ...)
-       TODO: check
+       NOT-FOR-US: Eclipse Wakaama
 CVE-2026-58455 (Dockwatch through 0.6.567 contains an unauthenticated OS 
command injec ...)
        NOT-FOR-US: Dockwatch
 CVE-2026-57766 (Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE 
\u2013 File ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4b2b243d94dff51ad3984f7f536657efb4187a7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4b2b243d94dff51ad3984f7f536657efb4187a7
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to