Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
29c6e033 by security tracker role at 2026-06-23T19:14:46+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75,7 +75,7 @@ CVE-2026-55423 (Langflow is a tool for building and deploying 
AI-powered agents
 CVE-2026-55255 (Langflow is a tool for building and deploying AI-powered 
agents and wo ...)
        TODO: check
 CVE-2026-55249 (@rtk-ai/rtk-rewrite transparently rewrites shell commands 
executed via ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-54892 (Inefficient algorithmic complexity in Plug's nested-parameter 
decoder  ...)
        TODO: check
 CVE-2026-54324 (Daytona is a secure and elastic infrastructure runtime for 
AI-generate ...)
@@ -183,7 +183,7 @@ CVE-2026-50019 (yt-dlp is a command-line audio/video 
downloader. From 2023.09.24
 CVE-2026-4983 (Open VSX Registry does not sanitize SVG files uploaded as 
extension ic ...)
        TODO: check
 CVE-2026-4610 (The ProfileGrid \u2013 User Profiles, Groups and Communities 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-49983 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
        TODO: check
 CVE-2026-49860 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
Prior to 2. ...)
@@ -225,7 +225,7 @@ CVE-2026-44789 (n8n is an open source workflow automation 
platform. Prior to 1.1
 CVE-2026-44726 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. 
From 2.0.0  ...)
        TODO: check
 CVE-2026-44089 (TotolinkEX1200L router is vulnerable to Buffer Overflow in the 
login f ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2026-42867 (Langflow is a tool for building and deploying AI-powered 
agents and wo ...)
        TODO: check
 CVE-2026-35019 (NetComm NF20MESH routers running firmware R6B031 and earlier 
contain a ...)
@@ -243,13 +243,13 @@ CVE-2026-13007 (Tenable Identity Exposure contains 
multiple unauthenticated API
 CVE-2026-12969 (An out-of-bounds read vulnerability exists in dnsmasq's 
find_soa() fun ...)
        TODO: check
 CVE-2026-12958 (Missing symlink validation in Language Servers for AWS may 
allow an ar ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2026-12957 (Improper trust boundary enforcement in Language Servers for 
AWS before ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2026-11772 (DRIMO CMS is vulnerable to Reflected XSS via q parameter in 
searching  ...)
        TODO: check
 CVE-2026-11374 (In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 
Manager ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2026-10857 (Improper neutralization of input during web page generation 
('cross-si ...)
        TODO: check
 CVE-2026-10711 (Missing authentication for critical function vulnerability in 
AKIN Sof ...)
@@ -299,9 +299,9 @@ CVE-2025-61018 (An issue in the sqlo_place_dt_set component 
of openlink virtuoso
 CVE-2025-55639 (GPAC MP4Box v2.4 was discovered to contain a NULL pointer 
dereference  ...)
        TODO: check
 CVE-2025-15619 (HCL Connections contains a broken access control vulnerability 
that ma ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-13162 (Uncontrolled Search Path Element vulnerability in ABB Control 
Builder  ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2023-54365 (Traefik before 2.10.5 and 3.0.0-beta4 is affected by a 
denial-of-servi ...)
        TODO: check
 CVE-2026-44517
@@ -594052,11 +594052,11 @@ CVE-2020-9715 (Adobe Acrobat and Reader versions 
2020.009.20074 and earlier, 202
 CVE-2020-9714 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 
2020.001 ...)
        NOT-FOR-US: Adobe
 CVE-2020-9713 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 
2020.001 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2020-9712 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 
2020.001 ...)
        NOT-FOR-US: Adobe
 CVE-2020-9711 (Acrobat Reader versions 2020.009.20074, 2020.001.30002, 
2017.011.30171 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2020-9710 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 
2020.001 ...)
        NOT-FOR-US: Adobe
 CVE-2020-9709
@@ -594088,7 +594088,7 @@ CVE-2020-9697 (Adobe Acrobat and Reader versions 
2020.009.20074 and earlier, 202
 CVE-2020-9696 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 
2020.001 ...)
        NOT-FOR-US: Adobe
 CVE-2020-9695 (Acrobat Reader versions 2020.009.20074, 2020.001.30002, 
2017.011.30171 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2020-9694 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 
2020.001 ...)
        NOT-FOR-US: Adobe
 CVE-2020-9693 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 
2020.001 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29c6e033f071f1bcce2fc0f69aba0429751fe0e6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29c6e033f071f1bcce2fc0f69aba0429751fe0e6
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to