Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6b2bdb00 by Salvatore Bonaccorso at 2026-02-25T09:34:54+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2026-3166 (A vulnerability was identified in Tenda F453
1.0.0.3. The affecte
CVE-2026-3165 (A vulnerability was determined in Tenda F453 1.0.0.3. Impacted
is the ...)
NOT-FOR-US: Tenda
CVE-2026-3164 (A vulnerability was found in itsourcecode News Portal Project
1.0. Thi ...)
- TODO: check
+ NOT-FOR-US: itsourcecode News Portal Project
CVE-2026-3163 (A vulnerability has been found in SourceCodester Website Link
Extracto ...)
NOT-FOR-US: SourceCodester
CVE-2026-3153 (A vulnerability has been found in itsourcecode Document
Management Sys ...)
@@ -37,9 +37,9 @@ CVE-2026-3145 (A flaw has been found in libvips up to 8.18.0.
The affected eleme
CVE-2026-3137 (A security vulnerability has been detected in CodeAstro Food
Ordering ...)
NOT-FOR-US: CodeAstro
CVE-2026-3135 (A weakness has been identified in itsourcecode News Portal
Project 1.0 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode News Portal Project
CVE-2026-3134 (A security flaw has been discovered in itsourcecode News Portal
Projec ...)
- TODO: check
+ NOT-FOR-US: itsourcecode News Portal Project
CVE-2026-3133 (A vulnerability has been found in itsourcecode Document
Management Sys ...)
NOT-FOR-US: itsourcecode System
CVE-2026-3100 (The FTP Backup on the ADM will not properly strictly enforce
TLS certi ...)
@@ -47,7 +47,7 @@ CVE-2026-3100 (The FTP Backup on the ADM will not properly
strictly enforce TLS
CVE-2026-2914 (CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and
lower a ...)
NOT-FOR-US: Palo Alto Networks
CVE-2026-27822 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
- TODO: check
+ NOT-FOR-US: RustFS
CVE-2026-27747 (The SPIP interface_traduction_objets plugin versions prior
to4.3.3 con ...)
TODO: check
CVE-2026-27746 (The SPIP jeux plugin versions prior to4.1.1 contain a
reflected cross- ...)
@@ -59,69 +59,69 @@ CVE-2026-27744 (The SPIP tickets plugin versions prior
to4.3.3 contain an unauth
CVE-2026-27743 (The SPIP referer_spam plugin versions prior to1.3.0 contain an
unauthe ...)
TODO: check
CVE-2026-27696 (changedetection.io is a free open source web page change
detection too ...)
- TODO: check
+ NOT-FOR-US: changedetection.io
CVE-2026-27645 (changedetection.io is a free open source web page change
detection too ...)
- TODO: check
+ NOT-FOR-US: changedetection.io
CVE-2026-27641 (Flask-Reuploaded provides file uploads for Flask. A critical
path trav ...)
TODO: check
CVE-2026-27640 (tfplan2md is software for converting Terraform plan JSON files
into hu ...)
TODO: check
CVE-2026-27639 (Mercator is an open source web application designed to enable
mapping ...)
- TODO: check
+ NOT-FOR-US: Mercator
CVE-2026-27637 (FreeScout is a free help desk and shared inbox built with
PHP's Larave ...)
- TODO: check
+ NOT-FOR-US: FreeScout
CVE-2026-27636 (FreeScout is a free help desk and shared inbox built with
PHP's Larave ...)
- TODO: check
+ NOT-FOR-US: FreeScout
CVE-2026-27632 (Talishar is a fan-made Flesh and Blood project. Prior to
commit 6be387 ...)
- TODO: check
+ NOT-FOR-US: Talishar
CVE-2026-27629 (InvenTree is an Open Source Inventory Management System. Prior
to vers ...)
- TODO: check
+ NOT-FOR-US: InvenTree
CVE-2026-27628 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.7. ...)
TODO: check
CVE-2026-27627 (Karakeep is a elf-hostable bookmark-everything app. In version
0.30.0, ...)
- TODO: check
+ NOT-FOR-US: Karakeep
CVE-2026-27626 (OliveTin gives access to predefined shell commands from a web
interfac ...)
- TODO: check
+ NOT-FOR-US: OliveTin
CVE-2026-27621 (TypiCMS is a multilingual content management system based on
the Larav ...)
- TODO: check
+ NOT-FOR-US: TypiCMS
CVE-2026-27615 (ADB Explorer is a fluent UI for ADB on Windows. In versions
prior to B ...)
- TODO: check
+ NOT-FOR-US: ADB Explorer
CVE-2026-27614 (Bugsink is a self-hosted error tracking tool. In versions
prior to 2.0 ...)
- TODO: check
+ NOT-FOR-US: Bugsink
CVE-2026-27612 (Repostat is a React component to fetch and display GitHub
repository i ...)
- TODO: check
+ NOT-FOR-US: Repostat
CVE-2026-27611 (FileBrowser Quantum is a free, self-hosted, web-based file
manager. Pr ...)
- TODO: check
+ NOT-FOR-US: FileBrowser Quantum
CVE-2026-27610 (Parse Dashboard is a standalone dashboard for managing Parse
Server ap ...)
- TODO: check
+ NOT-FOR-US: Parse Dashboard
CVE-2026-27609 (Parse Dashboard is a standalone dashboard for managing Parse
Server ap ...)
- TODO: check
+ NOT-FOR-US: Parse Dashboard
CVE-2026-27608 (Parse Dashboard is a standalone dashboard for managing Parse
Server ap ...)
- TODO: check
+ NOT-FOR-US: Parse Dashboard
CVE-2026-27607 (RustFS is a distributed object storage system built in Rust.
In versio ...)
- TODO: check
+ NOT-FOR-US: RustFS
CVE-2026-27606 (Rollup is a module bundler for JavaScript. Versions prior to
2.80.0, 3 ...)
TODO: check
CVE-2026-27598 (Dagu is a workflow engine with a built-in Web user interface.
In versi ...)
- TODO: check
+ NOT-FOR-US: Dagu
CVE-2026-27597 (Enclave is a secure JavaScript sandbox designed for safe AI
agent code ...)
TODO: check
CVE-2026-27595 (Parse Dashboard is a standalone dashboard for managing Parse
Server ap ...)
- TODO: check
+ NOT-FOR-US: Parse Dashboard
CVE-2026-27593 (Statmatic is a Laravel and Git powered content management
system (CMS) ...)
- TODO: check
+ NOT-FOR-US: Statmatic CMS
CVE-2026-27117 (bit7z is a cross-platform C++ static library that allows the
compressi ...)
- TODO: check
+ NOT-FOR-US: bit7z
CVE-2026-26351 (GetSimpleCMS Community Edition (CE) version 3.3.16 contains a
stored c ...)
- TODO: check
+ NOT-FOR-US: GetSimpleCMS
CVE-2026-25899 (Fiber is an Express inspired web framework written in Go. In
versions ...)
- TODO: check
+ NOT-FOR-US: Fiber
CVE-2026-25891 (Fiber is an Express inspired web framework written in Go. A
Path Trave ...)
- TODO: check
+ NOT-FOR-US: Fiber
CVE-2026-25882 (Fiber is an Express inspired web framework written in Go. A
denial of ...)
- TODO: check
+ NOT-FOR-US: Fiber
CVE-2026-25785 (Path traversal vulnerability exists in Lanscope Endpoint
Manager (On-P ...)
- TODO: check
+ NOT-FOR-US: Lanscope Endpoint Manager Sub-Manager Server
CVE-2026-25135 (OpenEMR is a free and open source electronic health records
and medica ...)
NOT-FOR-US: OpenEMR
CVE-2026-25131 (OpenEMR is a free and open source electronic health records
and medica ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b2bdb0026e040ee0dde639d9ea09b591a776533
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b2bdb0026e040ee0dde639d9ea09b591a776533
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
