Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1f89e2f7 by security tracker role at 2026-02-21T08:13:30+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2026-2865 (A vulnerability was found in itsourcecode Agri-Trading Online
Shopping ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-2864 (A vulnerability has been found in feng_ha_ha/megagao ssm-erp
and produ ...)
TODO: check
CVE-2026-2863 (A flaw has been found in feng_ha_ha/megagao ssm-erp and
production_ssm ...)
@@ -11,13 +11,13 @@ CVE-2026-2860 (A security vulnerability has been detected
in feng_ha_ha/megagao
CVE-2026-2858 (A vulnerability was identified in wren-lang wren up to 0.4.0.
This aff ...)
TODO: check
CVE-2026-2857 (A vulnerability was determined in D-Link DWR-M960 1.01.07.
Affected by ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-2856 (A vulnerability was found in D-Link DWR-M960 1.01.07. Affected
by this ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-2855 (A vulnerability has been found in D-Link DWR-M960 1.01.07.
Affected is ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-2635 (MLflow Use of Default Password Authentication Bypass
Vulnerability. Th ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2026-2492 (TensorFlow HDF5 Library Uncontrolled Search Path Element Local
Privile ...)
TODO: check
CVE-2026-2490 (RustDesk Client for Windows Transfer File Link Following
Information D ...)
@@ -37,7 +37,7 @@ CVE-2026-2042 (Nagios Host monitoringwizard Command Injection
Remote Code Execut
CVE-2026-2041 (Nagios Host zabbixagent_configwizard_func Command Injection
Remote Cod ...)
TODO: check
CVE-2026-2040 (PDF-XChange Editor TrackerUpdate Uncontrolled Search Path
Element Loca ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange
CVE-2026-2039 (GFI Archiver MArc.Store Missing Authorization Authentication
Bypass Vu ...)
TODO: check
CVE-2026-2038 (GFI Archiver MArc.Core Missing Authorization Authentication
Bypass Vul ...)
@@ -51,7 +51,7 @@ CVE-2026-2035 (Deciso OPNsense diag_backup.php filename
Command Injection Remote
CVE-2026-2034 (Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote
Code Ex ...)
TODO: check
CVE-2026-2033 (MLflow Tracking Server Artifact Handler Directory Traversal
Remote Cod ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2026-27534
REJECTED
CVE-2026-27533
@@ -175,7 +175,7 @@ CVE-2026-0797 (GIMP ICO File Parsing Heap-based Buffer
Overflow Remote Code Exec
CVE-2026-0777 (Xmind Attachment Insufficient UI Warning Remote Code Execution
Vulnera ...)
TODO: check
CVE-2025-62326 (HCL Digital Experience is susceptible to stored cross-site
scripting ( ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2019-25454 (phpMoAdmin 1.1.5 contains a stored cross-site scripting
vulnerability ...)
TODO: check
CVE-2019-25453 (phpMoAdmin 1.1.5 contains a reflected cross-site scripting
vulnerabili ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f89e2f7d38cba068eaedf646148affecdf07a35
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f89e2f7d38cba068eaedf646148affecdf07a35
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
