Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ace15197 by security tracker role at 2026-07-04T07:14:01+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2026-58597 (Insufficient ui warning of dangerous operations in Microsoft 
Edge (Chr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58524 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58523 (Improper access control in Microsoft Edge for Android allows 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58522 (Relative path traversal in Microsoft Edge for Android allows 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58426 (Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows 
cross-repo ...)
        TODO: check
 CVE-2026-58424 (Permanent Fork PR Workflow Approval Gate Bypass)
@@ -21,85 +21,85 @@ CVE-2026-58419 (Notification API leaks private issue 
metadata after access revoc
 CVE-2026-58418 (SSRF via HTTP Redirect in Repository Migration)
        TODO: check
 CVE-2026-58300 (Absolute path traversal in Microsoft Edge for Android allows 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58299 (Time-of-check time-of-use (toctou) race condition in Microsoft 
Edge fo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58298 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58297 (Exposure of private personal information to an unauthorized 
actor in M ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58296 (Exposure of private personal information to an unauthorized 
actor in M ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58295 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58294 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58293 (External control of file name or path in Microsoft Edge 
(Chromium-base ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58292 (Improper input validation in Microsoft Edge (Chromium-based) 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58291 (Operation on a resource after expiration or release in 
Microsoft Edge  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58290 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58289 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58288 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58287 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58286 (Improper access control in Microsoft Edge (Chromium-based) 
allows an u ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58285 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58284 (Improper authorization in Microsoft Edge (Chromium-based) 
allows an un ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58283 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58282 (Improper access control in Microsoft Edge (Chromium-based) 
allows an u ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58278 (Server-side request forgery (ssrf) in Microsoft Edge 
(Chromium-based)  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-58276 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57993 (Server-side request forgery (ssrf) in Microsoft Edge 
(Chromium-based)  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57992 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57991 (Improper link resolution before file access ('link following') 
in Micr ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57988 (Relative path traversal in Microsoft Edge (Chromium-based) 
allows an u ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57987 (Server-side request forgery (ssrf) in Microsoft Edge 
(Chromium-based)  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57986 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57985 (Improper input validation in Microsoft Edge (Chromium-based) 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57984 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57983 (Improper authorization in Microsoft Edge (Chromium-based) 
allows an un ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57981 (Use after free in Microsoft Edge (Chromium-based) allows an 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57977 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57975 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-57974 (Integer overflow or wraparound in Microsoft Edge 
(Chromium-based) allo ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56646 (Exposure of sensitive information to an unauthorized actor in 
Microsof ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-56645 (Heap-based buffer overflow in Microsoft Edge (Chromium-based) 
allows a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-55945 (Concurrent execution using shared resource with improper 
synchronizati ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-54424 (An Incorrect Use of Privileged APIs vulnerability in Unity 
Parsec on W ...)
        TODO: check
 CVE-2026-45489 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-45488 (User interface (ui) misrepresentation of critical information 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2026-28744 (Gitea versions up to and including 1.26.1 allow Git smart HTTP 
request ...)
        TODO: check
 CVE-2026-28740 (Gitea versions up to and including 1.26.2 allow Git LFS object 
reuse t ...)
@@ -175,9 +175,9 @@ CVE-2026-14611 (A vulnerability has been found in DeepMyst 
Mysti up to 0.4.0. Th
 CVE-2026-14610 (A flaw has been found in Open Asset Import Library Assimp up 
to 6.0.5. ...)
        TODO: check
 CVE-2026-14609 (A vulnerability was detected in SourceCodester CET Automated 
Grading S ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-14608 (A security vulnerability has been detected in SourceCodester 
CET Autom ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-14607 (A weakness has been identified in RT-Thread up to 5.0.2. This 
affects  ...)
        TODO: check
 CVE-2026-14606 (A security flaw has been discovered in RT-Thread up to 5.0.2. 
Affected ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ace151975a6f896fefd921e4bfcceb525eb3c0ec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ace151975a6f896fefd921e4bfcceb525eb3c0ec
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to