Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
29c6e033 by security tracker role at 2026-06-23T19:14:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -75,7 +75,7 @@ CVE-2026-55423 (Langflow is a tool for building and deploying
AI-powered agents
CVE-2026-55255 (Langflow is a tool for building and deploying AI-powered
agents and wo ...)
TODO: check
CVE-2026-55249 (@rtk-ai/rtk-rewrite transparently rewrites shell commands
executed via ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-54892 (Inefficient algorithmic complexity in Plug's nested-parameter
decoder ...)
TODO: check
CVE-2026-54324 (Daytona is a secure and elastic infrastructure runtime for
AI-generate ...)
@@ -183,7 +183,7 @@ CVE-2026-50019 (yt-dlp is a command-line audio/video
downloader. From 2023.09.24
CVE-2026-4983 (Open VSX Registry does not sanitize SVG files uploaded as
extension ic ...)
TODO: check
CVE-2026-4610 (The ProfileGrid \u2013 User Profiles, Groups and Communities
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-49983 (Deno is a JavaScript, TypeScript, and WebAssembly runtime.
Prior to 2. ...)
TODO: check
CVE-2026-49860 (Deno is a JavaScript, TypeScript, and WebAssembly runtime.
Prior to 2. ...)
@@ -225,7 +225,7 @@ CVE-2026-44789 (n8n is an open source workflow automation
platform. Prior to 1.1
CVE-2026-44726 (Deno is a JavaScript, TypeScript, and WebAssembly runtime.
From 2.0.0 ...)
TODO: check
CVE-2026-44089 (TotolinkEX1200L router is vulnerable to Buffer Overflow in the
login f ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-42867 (Langflow is a tool for building and deploying AI-powered
agents and wo ...)
TODO: check
CVE-2026-35019 (NetComm NF20MESH routers running firmware R6B031 and earlier
contain a ...)
@@ -243,13 +243,13 @@ CVE-2026-13007 (Tenable Identity Exposure contains
multiple unauthenticated API
CVE-2026-12969 (An out-of-bounds read vulnerability exists in dnsmasq's
find_soa() fun ...)
TODO: check
CVE-2026-12958 (Missing symlink validation in Language Servers for AWS may
allow an ar ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-12957 (Improper trust boundary enforcement in Language Servers for
AWS before ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-11772 (DRIMO CMS is vulnerable to Reflected XSS via q parameter in
searching ...)
TODO: check
CVE-2026-11374 (In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365
Manager ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-10857 (Improper neutralization of input during web page generation
('cross-si ...)
TODO: check
CVE-2026-10711 (Missing authentication for critical function vulnerability in
AKIN Sof ...)
@@ -299,9 +299,9 @@ CVE-2025-61018 (An issue in the sqlo_place_dt_set component
of openlink virtuoso
CVE-2025-55639 (GPAC MP4Box v2.4 was discovered to contain a NULL pointer
dereference ...)
TODO: check
CVE-2025-15619 (HCL Connections contains a broken access control vulnerability
that ma ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-13162 (Uncontrolled Search Path Element vulnerability in ABB Control
Builder ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2023-54365 (Traefik before 2.10.5 and 3.0.0-beta4 is affected by a
denial-of-servi ...)
TODO: check
CVE-2026-44517
@@ -594052,11 +594052,11 @@ CVE-2020-9715 (Adobe Acrobat and Reader versions
2020.009.20074 and earlier, 202
CVE-2020-9714 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier,
2020.001 ...)
NOT-FOR-US: Adobe
CVE-2020-9713 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier,
2020.001 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-9712 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier,
2020.001 ...)
NOT-FOR-US: Adobe
CVE-2020-9711 (Acrobat Reader versions 2020.009.20074, 2020.001.30002,
2017.011.30171 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-9710 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier,
2020.001 ...)
NOT-FOR-US: Adobe
CVE-2020-9709
@@ -594088,7 +594088,7 @@ CVE-2020-9697 (Adobe Acrobat and Reader versions
2020.009.20074 and earlier, 202
CVE-2020-9696 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier,
2020.001 ...)
NOT-FOR-US: Adobe
CVE-2020-9695 (Acrobat Reader versions 2020.009.20074, 2020.001.30002,
2017.011.30171 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-9694 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier,
2020.001 ...)
NOT-FOR-US: Adobe
CVE-2020-9693 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier,
2020.001 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29c6e033f071f1bcce2fc0f69aba0429751fe0e6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29c6e033f071f1bcce2fc0f69aba0429751fe0e6
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits