Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
648491a4 by security tracker role at 2026-07-11T19:13:53+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2026-61465 (ImageMagick before 7.1.2-26 and 6.9.13-51 is 
missing a check for
 CVE-2026-61454 (The Grav Admin2 plugin (getgrav/grav-plugin-admin2) before 
2.0.4 embed ...)
        TODO: check
 CVE-2026-61448 (Parse Server is affected by a stored cross-site scripting 
(XSS) vulner ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-61447 (PraisonAI before 1.6.78 contains a remote code execution 
vulnerability ...)
        TODO: check
 CVE-2026-61445 (PraisonAI before 4.6.78 contains arbitrary file write and 
command exec ...)
@@ -31,9 +31,9 @@ CVE-2026-60090 (PraisonAI before 4.6.78 fails to validate the 
caller-controlled
 CVE-2026-60088 (PraisonAI before 4.6.78 fails to validate file path references 
in cust ...)
        TODO: check
 CVE-2026-57828 (The Joomla extension Phoca Downloads is vulnerable to an 
authenticated ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2026-57827 (The Joomla extension RSFiles is vulnerable to an 
unauthenticated arbit ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2026-56763 (Hono before 4.12.7 allows __proto__ key in parseBody with dot 
option e ...)
        TODO: check
 CVE-2026-56372 (ImageMagick before 7.1.2-19 contains a heap buffer overflow 
vulnerabil ...)
@@ -45,9 +45,9 @@ CVE-2026-56296 (Cap-go before 12.128.2 contains an 
information disclosure vulner
 CVE-2026-56240 (Capgo before 12.128.12 contains a billing authorization bypass 
vulnera ...)
        TODO: check
 CVE-2026-1359 (The Genolve \u2013 AI image AI video generation plugin for 
WordPress i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-10660 (The Bluetooth BAP Broadcast Assistant GATT client in 
subsys/bluetooth/ ...)
-       TODO: check
+       NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2026-9738 (The Print, PDF, Email by PrintFriendly plugin for WordPress is 
vulnera ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-9726 (Improperly Controlled Modification of Dynamically-Determined 
Object At ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/648491a4ef4ebb7c74857c7d2af668b4e7bb3e37

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/648491a4ef4ebb7c74857c7d2af668b4e7bb3e37
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to