Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
51668b8a by Salvatore Bonaccorso at 2026-06-30T08:31:17+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -154,24 +154,24 @@ CVE-2026-25707 (A relative path traversal bug problem
when processing repository
- libzypp 17.38.11-1
NOTE:
https://github.com/openSUSE/libzypp/commit/f09feda7fca03c941218aab0bb161cc82b185b6b
(17.38.10)
CVE-2026-22078 (Because O+ Connect's IPC service does not authenticate
clients, extern ...)
- TODO: check
+ NOT-FOR-US: Oppo
CVE-2026-13757 (A flaw was found in p11-kit. The RPC message attribute parsing
functio ...)
- p11-kit <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2494556
CVE-2026-13752 (Improper neutralization of parameters in Snowflake CLI
versions prior ...)
- TODO: check
+ NOT-FOR-US: Snowflake CLI
CVE-2026-13751 (Improper handling of untrusted remote references in Snowflake
CLI vers ...)
- TODO: check
+ NOT-FOR-US: Snowflake CLI
CVE-2026-13750 (Insertion of sensitive information into log files in Snowflake
CLI ver ...)
- TODO: check
+ NOT-FOR-US: Snowflake CLI
CVE-2026-13749 (Improper neutralization in the Snowpark annotation processor
callback ...)
- TODO: check
+ NOT-FOR-US: Snowflake CLI
CVE-2026-13748 (Improper restriction of file path resolution in Snowflake CLI
versions ...)
- TODO: check
+ NOT-FOR-US: Snowflake CLI
CVE-2026-13746 (Improper neutralization of local CLI parameters in Snowflake
CLI versi ...)
- TODO: check
+ NOT-FOR-US: Snowflake CLI
CVE-2026-13744 (Improper neutralization of attacker-controlled content in
Snowflake CL ...)
- TODO: check
+ NOT-FOR-US: Snowflake CLI
CVE-2026-13742 (Honeywell IQ MultiAccess, all versions prior to and including
version ...)
NOT-FOR-US: Honeywell
CVE-2026-13676 (fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to
canonicalize U ...)
@@ -183,17 +183,17 @@ CVE-2026-13595 (A flaw was found in the libblkid library
of util-linux. During n
NOTE:
https://github.com/util-linux/util-linux/commit/60ca8616ac1a223bfb5a713047a37136dd9481ef
(v2.42.2)
NOTE:
https://github.com/util-linux/util-linux/commit/132d9c8aa15a8efd0a23d8ca7ed8b98f365e84fa
(v2.41.5)
CVE-2026-13592 (A vulnerability was detected in liftoff-sr CIPster up to
e8e9dba09bf56 ...)
- TODO: check
+ NOT-FOR-US: liftoff-sr CIPster
CVE-2026-13591 (A weakness has been identified in DeepMyst Mysti 0.4.0.
Affected is th ...)
- TODO: check
+ NOT-FOR-US: DeepMyst Mysti
CVE-2026-13590 (A security flaw has been discovered in seladb PcapPlusPlus
25.05. This ...)
- TODO: check
+ NOT-FOR-US: seladb PcapPlusPlus
CVE-2026-13589 (A vulnerability was identified in seladb PcapPlusPlus 25.05.
This affe ...)
- TODO: check
+ NOT-FOR-US: seladb PcapPlusPlus
CVE-2026-13588 (A vulnerability was determined in seladb PcapPlusPlus 25.05.
The impac ...)
- TODO: check
+ NOT-FOR-US: seladb PcapPlusPlus
CVE-2026-13587 (A vulnerability was found in seladb PcapPlusPlus 25.05. The
affected e ...)
- TODO: check
+ NOT-FOR-US: seladb PcapPlusPlus
CVE-2026-13583 (A vulnerability has been found in Edimax EW-7478APC 1.04.
Impacted is ...)
NOT-FOR-US: Edimax
CVE-2026-13582 (A flaw has been found in Edimax EW-7478APC 1.04. This issue
affects th ...)
@@ -217,7 +217,7 @@ CVE-2026-13571 (A flaw has been found in SourceCodester
Simple Food Ordering Sys
CVE-2026-13570 (A vulnerability was detected in SourceCodester Inventory
Management Sy ...)
NOT-FOR-US: SourceCodester
CVE-2026-13569 (A security vulnerability has been detected in weng-xianhu
EyouCMS up t ...)
- TODO: check
+ NOT-FOR-US: weng-xianhu EyouCMS
CVE-2026-13568 (A weakness has been identified in SourceCodester Inventory
Management ...)
NOT-FOR-US: SourceCodester
CVE-2026-13567 (A security flaw has been discovered in code-projects Online
Music Site ...)
@@ -237,7 +237,7 @@ CVE-2026-13561 (A vulnerability was detected in Edimax
EW-7478APC 1.04. The impa
CVE-2026-13560 (A security vulnerability has been detected in Edimax
EW-7478APC 1.04. ...)
NOT-FOR-US: Edimax
CVE-2026-13559 (A weakness has been identified in code-projects Real State
Services 1. ...)
- TODO: check
+ NOT-FOR-US: code-projects Real State Services
CVE-2026-13558 (A security flaw has been discovered in CodeAstro Complaint
Management ...)
NOT-FOR-US: CodeAstro
CVE-2026-13557 (A vulnerability was identified in itsourcecode Online Hotel
Management ...)
@@ -337,7 +337,7 @@ CVE-2026-13538 (A vulnerability was determined in Wavlink
WL-NU516U1-A M16U1_V24
CVE-2026-13537 (A vulnerability was found in CodeAstro Human Resource
Management Syste ...)
NOT-FOR-US: CodeAstro
CVE-2026-13536 (A vulnerability has been found in GotoHTTP up to 10.2. This
issue affe ...)
- TODO: check
+ NOT-FOR-US: GotoHTTP
CVE-2026-13535 (A flaw has been found in CodeAstro Human Resource Management
System 1. ...)
NOT-FOR-US: CodeAstro
CVE-2026-13534 (A vulnerability was detected in CherryHQ cherry-studio up to
1.9.7. Th ...)
@@ -365,7 +365,7 @@ CVE-2026-13524 (A security vulnerability has been detected
in CherryHQ cherry-st
CVE-2026-13523 (A weakness has been identified in GPAC up to 26.02.0. This
affects an ...)
TODO: check
CVE-2026-13522 (A security flaw has been discovered in Investintech
SlimPDFReader up t ...)
- TODO: check
+ NOT-FOR-US: Investintech SlimPDFReader
CVE-2026-13521 (A vulnerability was identified in SourceCodester Class and
Exam Timeta ...)
NOT-FOR-US: SourceCodester
CVE-2026-13520 (A vulnerability was determined in itsourcecode Hospital
Management Sys ...)
@@ -381,21 +381,21 @@ CVE-2026-13516 (A vulnerability was detected in Tenda
JD12L 16.03.53.23. The aff
CVE-2026-13515 (A security vulnerability has been detected in Tenda JD12L
16.03.53.23. ...)
NOT-FOR-US: Tenda
CVE-2026-13514 (A weakness has been identified in Chess Play and Learn App up
to 4.9.4 ...)
- TODO: check
+ NOT-FOR-US: Chess Play and Learn App on Android
CVE-2026-13513 (A security flaw has been discovered in MyScale MyScaleDB up to
1.8.0. ...)
- TODO: check
+ NOT-FOR-US: MyScale MyScaleDB
CVE-2026-13512 (A vulnerability was identified in Databend up to 1.2.881 on
HTTP. This ...)
- TODO: check
+ NOT-FOR-US: Databend
CVE-2026-13511 (A vulnerability was determined in VoltAgent up to 2.1.17.
Affected by ...)
- TODO: check
+ NOT-FOR-US: VoltAgent
CVE-2026-13510 (A vulnerability was found in SimStudioAI sim up to 0.6.92.
Affected by ...)
- TODO: check
+ NOT-FOR-US: SimStudioAI sim
CVE-2026-13509 (A vulnerability has been found in RAGapp up to 0.1.5. Affected
is the ...)
- TODO: check
+ NOT-FOR-US: RAGapp
CVE-2026-13508 (A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28.
This impact ...)
- TODO: check
+ NOT-FOR-US: khoj-ai khoj
CVE-2026-13507 (A vulnerability was detected in volcengine OpenViking up to
0.3.21. Th ...)
- TODO: check
+ NOT-FOR-US: OpenViking
CVE-2026-10083 (The APCu Manager WordPress plugin before 4.5.0 does not escape
APCu ob ...)
NOT-FOR-US: WordPress plugin
CVE-2025-7386 (Information exposure vulnerability in Hitachi Storage
Navigator. This ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51668b8a531adb958b6480fcc4af8fcd6e03103f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51668b8a531adb958b6480fcc4af8fcd6e03103f
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits