Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cb35f470 by Salvatore Bonaccorso at 2026-07-02T22:12:11+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -236,43 +236,43 @@ CVE-2026-54430 (liboauth2 is vulnerable to Server-Side
Request Forgery inoauth2_
- liboauth2 2.3.0-1
NOTE: Fixed by:
https://github.com/OpenIDC/liboauth2/commit/347507ac5b51f48c2933bbe49b2ee07c2af4712b
(v2.3.0)
CVE-2026-54409 (A malicious actor with access to the network and under certain
conditi ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54408 (A malicious actor with access to the network could exploit an
Improper ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54407 (A malicious actor with access to the network could exploit an
Improper ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54406 (A malicious actor with access to the network and high
privileges could ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54405 (A malicious actor with access to the network could exploit an
Improper ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54404 (A malicious actor with access to the network and low
privileges could ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54403 (A malicious actor with access to the network could exploit a
Path Trav ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54402 (A malicious actor with access to the network and low
privileges could ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54401 (A malicious actor with access to the network and low
privileges could ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-54400 (A malicious actor with access to the network and high
privileges could ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-53422 (Observable Response Discrepancy vulnerability in Erlang OTP
ssh (ssh_s ...)
TODO: check
CVE-2026-50748 (A malicious actor with access to the network and low
privileges could ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-50747 (A malicious actor with access to the network and low
privileges could ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-50746 (A malicious actor with access to the network could exploit an
Improper ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2026-50282 (Craft CMS is a content management system (CMS). Versions
5.0.0-RC1 and ...)
NOT-FOR-US: Craft CMS or plugin for Craft CMS
CVE-2026-50281 (Craft CMS is a content management system (CMS). Versions 5.7.0
and abo ...)
NOT-FOR-US: Craft CMS or plugin for Craft CMS
CVE-2026-4772 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: WAF-ASP
CVE-2026-4770 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Web Application Firewall
CVE-2026-4767 (Missing authentication for critical function vulnerability in
TR7 Cybe ...)
- TODO: check
+ NOT-FOR-US: WAF-ASP
CVE-2026-49779 (Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3
version ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-44941 (A relative path traversal in the "keyhint" option in
repomd.xml parsin ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb35f470f6bbd1890363957be14b13418c7b2340
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb35f470f6bbd1890363957be14b13418c7b2340
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits