Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
376fae58 by Salvatore Bonaccorso at 2026-07-10T11:35:47+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41,7 +41,7 @@ CVE-2026-58123 (Hermes WebUI before 0.51.788 contains an 
unauthenticated remote
 CVE-2026-58122 (Hermes WebUI before 0.51.307 contains an authentication bypass 
vulnera ...)
        NOT-FOR-US: Hermes WebUI
 CVE-2026-57501 (Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance 
and spl ...)
-       TODO: check
+       NOT-FOR-US: Zen
 CVE-2026-57054 (A Use of Incorrectly-Resolved Name or Reference vulnerability 
in the U ...)
        NOT-FOR-US: Juniper
 CVE-2026-57032 (An Improper Handling of Undefined Parameters vulnerability in 
the pack ...)
@@ -73,33 +73,33 @@ CVE-2026-57020 (An Improper Check for Unusual or 
Exceptional Conditions vulnerab
 CVE-2026-57019 (An Improper Validation of Specified Quantity in Input 
vulnerability in ...)
        NOT-FOR-US: Juniper
 CVE-2026-55865 (Python Liquid is a Python engine for the Liquid template 
language. Pri ...)
-       TODO: check
+       NOT-FOR-US: Python Liquid
 CVE-2026-55689 (OpenFGA is an authorization/permission engine built for 
developers. Pr ...)
-       TODO: check
+       NOT-FOR-US: OpenFGA
 CVE-2026-55616
        REJECTED
 CVE-2026-55615 (Langroid is a framework for building 
large-language-model-powered appl ...)
-       TODO: check
+       NOT-FOR-US: Langroid
 CVE-2026-55605 (DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting 
in vers ...)
-       TODO: check
+       NOT-FOR-US: DeepSeek MCP Server
 CVE-2026-55604 (DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting 
in vers ...)
-       TODO: check
+       NOT-FOR-US: DeepSeek MCP Server
 CVE-2026-55424 (Discourse is an open-source discussion platform. Prior to 
2026.6.0, 20 ...)
        NOT-FOR-US: Discourse
 CVE-2026-55212 (Pimcore is an Open Source Data & Experience Management 
Platform. Prior ...)
-       TODO: check
+       NOT-FOR-US: Pimcore
 CVE-2026-55208 (Pimcore Studio Backend Bundle is the backend bundle for 
Pimcore Studio ...)
-       TODO: check
+       NOT-FOR-US: Pimcore
 CVE-2026-55207 (Pimcore is an Open Source Data & Experience Management 
Platform. Prior ...)
-       TODO: check
+       NOT-FOR-US: Pimcore
 CVE-2026-55170 (OpenFGA is an authorization/permission engine built for 
developers. Pr ...)
-       TODO: check
+       NOT-FOR-US: OpenFGA
 CVE-2026-54771 (Langroid is a framework for building 
large-language-model-powered appl ...)
-       TODO: check
+       NOT-FOR-US: Langroid
 CVE-2026-54769 (Langroid is a framework for building 
large-language-model-powered appl ...)
-       TODO: check
+       NOT-FOR-US: Langroid
 CVE-2026-54760 (Langroid is a framework for building 
large-language-model-powered appl ...)
-       TODO: check
+       NOT-FOR-US: Langroid
 CVE-2026-53963 (Discourse is an open-source discussion platform. Prior to 
2026.6.0, 20 ...)
        NOT-FOR-US: Discourse
 CVE-2026-53962 (Discourse is an open-source discussion platform. Prior to 
2026.6.0, 20 ...)
@@ -107,17 +107,17 @@ CVE-2026-53962 (Discourse is an open-source discussion 
platform. Prior to 2026.6
 CVE-2026-53961 (Discourse is an open-source discussion platform. Prior to 
2026.6.0, 20 ...)
        NOT-FOR-US: Discourse
 CVE-2026-51926 (An issue in docuForm GmbH FSM Client v.11.11c allows a remote 
attacker ...)
-       TODO: check
+       NOT-FOR-US: docuForm
 CVE-2026-51925 (A Local File Inclusion (LFI) vulnerability exists in docuForm 
GmbH Cli ...)
-       TODO: check
+       NOT-FOR-US: docuForm
 CVE-2026-51924 (An issue in docuForm GmbH Client v.11.11c allows a remote 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: docuForm
 CVE-2026-51923 (An Insecure Direct Object Reference (IDOR) vulnerability 
exists in doc ...)
-       TODO: check
+       NOT-FOR-US: docuForm
 CVE-2026-50181 (Langroid is a framework for building 
large-language-model-powered appl ...)
-       TODO: check
+       NOT-FOR-US: Langroid
 CVE-2026-50180 (Langroid is a framework for building 
large-language-model-powered appl ...)
-       TODO: check
+       NOT-FOR-US: Langroid
 CVE-2026-49256 (Discourse is an open-source discussion platform. Prior to 
2026.6.0, 20 ...)
        NOT-FOR-US: Discourse
 CVE-2026-46413 (Discourse is an open-source discussion platform. Prior to 
2026.6.0, 20 ...)
@@ -852,7 +852,7 @@ CVE-2026-53624 (Fiber is an Express inspired web framework 
written in Go. Prior
 CVE-2026-52200 (An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows 
a remot ...)
        NOT-FOR-US: Generic OEM UZ801_v2.1 4G LTE Router
 CVE-2026-51535 (In OpENer 2.3.0 (commit 76b95cf), a resource exhaustion 
(Denial of Ser ...)
-       TODO: check
+       NOT-FOR-US: OpENer
 CVE-2026-49866 (libp2p is a JavaScript Implementation of libp2p networking 
stack. Prio ...)
        TODO: check
 CVE-2026-48492 (Snipe-IT is an IT asset/license management system. Prior to 
version 8. ...)
@@ -1359,17 +1359,17 @@ CVE-2026-55874 (SeaweedFS is a distributed storage 
system. Prior to 4.34, the S3
 CVE-2026-55873 (SeaweedFS is a distributed storage system. In versions 4.08 
through 4. ...)
        NOT-FOR-US: SeaweedFS
 CVE-2026-55761 (Portainer Community Edition is a lightweight service delivery 
platform ...)
-       TODO: check
+       NOT-FOR-US: Portainer
 CVE-2026-55668 (File Browser provides a web file managing interface. Prior to 
2.63.16, ...)
        NOT-FOR-US: File Browser
 CVE-2026-54652 (Frigate is an open source network video recorder. In version 
0.17.1, t ...)
-       TODO: check
+       NOT-FOR-US: Frigate
 CVE-2026-54344 (ToolJet is an open-source low-code platform for building 
internal tool ...)
-       TODO: check
+       NOT-FOR-US: ToolJet
 CVE-2026-54061 (Dgraph is an open source distributed GraphQL database. Prior 
to versio ...)
-       TODO: check
+       NOT-FOR-US: Dgraph
 CVE-2026-53951 (Copier is a library and CLI app for rendering project 
templates. In ve ...)
-       TODO: check
+       NOT-FOR-US: Copier is a library and CLI app
 CVE-2026-53482 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
        NOT-FOR-US: Dell / EMC
 CVE-2026-53480 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/376fae588e53e4452ca844f5bb44cd6891d7baff

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/376fae588e53e4452ca844f5bb44cd6891d7baff
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to