Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
440548a6 by Salvatore Bonaccorso at 2026-06-25T10:17:17+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,41 +27,41 @@ CVE-2026-9775 (ATEN Unizon uploadSSL Directory Traversal 
Arbitrary File Deletion
 CVE-2026-9774 (ATEN Unizon updateLicense Directory Traversal Arbitrary File 
Deletion  ...)
        NOT-FOR-US: ATEN
 CVE-2026-9773 (Unraid Web Server ToggleState Command Injection Remote Code 
Execution  ...)
-       TODO: check
+       NOT-FOR-US: Unraid Web Server
 CVE-2026-9772 (Unraid Web Server FileUpload Command Injection Remote Code 
Execution V ...)
-       TODO: check
+       NOT-FOR-US: Unraid Web Server
 CVE-2026-9702 (The InPost PL WordPress plugin before 1.9.1 does not verify 
that the r ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-9155 (OS Command Injection vulnerability in Rapid7 InsightConnect Sed 
Plugin ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-9154 (Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed 
Plugin ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-9153 (Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed 
Plugin  ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8666 (OS Command Injection vulnerability in the traceroute action of 
Rapid7  ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8665 (OS Command Injection vulnerability in the TR action of Rapid7 
InsightC ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8664 (OS Command Injection vulnerability in Rapid7 InsightConnect 
Finger Plu ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8663 (OS Command Injection vulnerability in Rapid7 InsightConnect RPM 
Plugin ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8662 (Path Traversal vulnerability in the create_archive function of 
Rapid7  ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8660 (OS Command Injection vulnerability in the ping action of Rapid7 
Insigh ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8659 (OS Command Injection vulnerability in Rapid7 InsightConnect 
SQLmap Plu ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8658 (OS Command Injection vulnerability in Rapid7 InsightConnect 
Tcpdump Pl ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8592 (OS Command Injection vulnerability in the process_string action 
of Rap ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2026-8330 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
        NOT-FOR-US: GitLab (used to be packaged in the Debian archive as 
src:gitlab, but never in a stable release)
 CVE-2026-7570 (Quest NetVault Backup NVBUDashboard SQL Injection Remote Code 
Executio ...)
-       TODO: check
+       NOT-FOR-US: Quest
 CVE-2026-7569 (Quest NetVault Backup viewclient Cross-Site Scripting 
Authentication B ...)
-       TODO: check
+       NOT-FOR-US: Quest
 CVE-2026-7539 (A potential security vulnerability has been identified in the 
HP Acces ...)
        NOT-FOR-US: HP
 CVE-2026-5952 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
@@ -75,85 +75,85 @@ CVE-2026-5305 (The Email Address Encoder WordPress plugin 
before 1.0.25, email-e
 CVE-2026-57589 (sys/kern/sysv_sem.c in OpenBSD through 7.9 has a 
use-after-free allowi ...)
        TODO: check
 CVE-2026-55762 (Rocket.Chat is an open-source, secure, fully customizable 
communicatio ...)
-       TODO: check
+       NOT-FOR-US: Rocket.Chat
 CVE-2026-55759 (Rocket.Chat is an open-source, secure, fully customizable 
communicatio ...)
-       TODO: check
+       NOT-FOR-US: Rocket.Chat
 CVE-2026-55666 (Rocket.Chat is an open-source, secure, fully customizable 
communicatio ...)
-       TODO: check
+       NOT-FOR-US: Rocket.Chat
 CVE-2026-55583 (Twenty is an open-source CRM (customer relationship 
management) platfo ...)
-       TODO: check
+       NOT-FOR-US: Twenty CRM
 CVE-2026-55570 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-55455 (Appsmith is a platform to build admin panels, internal tools, 
and dash ...)
-       TODO: check
+       NOT-FOR-US: Appsmith
 CVE-2026-55454 (Appsmith is a platform to build admin panels, internal tools, 
and dash ...)
-       TODO: check
+       NOT-FOR-US: Appsmith
 CVE-2026-54759 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-54158 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-54070 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-54069 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-54068 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-54067 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-54066 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-53766 (Chrome DevTools for agents (chrome-devtools-mcp) lets your 
coding agen ...)
        TODO: check
 CVE-2026-53765 (Chrome DevTools for agents (chrome-devtools-mcp) lets your 
coding agen ...)
        TODO: check
 CVE-2026-52816 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, the J ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52815 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, Gogs  ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52814 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, the G ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52813 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, organ ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52812 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, Git L ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52811 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, (*Rep ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52810 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, Git s ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52809 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, passw ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52808 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, three ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52807 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, in ne ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52806 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, Gogs  ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52805 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, a Ser ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52804 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, a rep ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52802 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, an op ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52801 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, the G ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52800 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, organ ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52799 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, GET / ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52798 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, altho ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52797 (Gogs is an open source self-hosted Git service. Prior to 
0.14.0, as an ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52796 (Gogs is an open source self-hosted Git service. Prior to 
0.14.3, speci ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52795 (Gogs is an open source self-hosted Git service. In 0.14.3 and 
earlier, ...)
-       TODO: check
+       NOT-FOR-US: Go Git Service
 CVE-2026-52794 (Sentry is an error tracking and performance monitoring tool. 
From 24.4 ...)
-       TODO: check
+       NOT-FOR-US: Sentry
 CVE-2026-50551 (SiYuan is an open-source personal knowledge management system. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: SiYuan
 CVE-2026-50189 (Appsmith is a platform to build admin panels, internal tools, 
and dash ...)
-       TODO: check
+       NOT-FOR-US: Appsmith
 CVE-2026-50129 (Mastodon is a free, open-source social network server based on 
Activit ...)
        TODO: check
 CVE-2026-50128 (Mastodon is a free, open-source social network server based on 
Activit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/440548a6336dc2e5c6e5bdf5054a0cb78705f400

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/440548a6336dc2e5c6e5bdf5054a0cb78705f400
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to