Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0263ba04 by Salvatore Bonaccorso at 2026-07-13T22:01:41+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,13 +13,13 @@ CVE-2026-6875 (ServiceNow has addressed a remote code 
execution vulnerability th
 CVE-2026-6850 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x 
<= 10. ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2026-6847 (Remote Code Execution vulnerability exists in ThemisNETPanel 
due to mi ...)
-       TODO: check
+       NOT-FOR-US: ThemisNETPanel
 CVE-2026-6541 (Mattermost versions 11.7.x <= 11.7.1, 11.6.x <= 11.6.4, 10.11.x 
<= 10. ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2026-62147 (The Tempo Operator's gateway component failed to consistently 
apply na ...)
-       TODO: check
+       NOT-FOR-US: Red Hat Tempo Operator
 CVE-2026-62143 (A Server-Side Request Forgery (SSRF) protection bypass existed 
in the  ...)
-       TODO: check
+       NOT-FOR-US: MISP
 CVE-2026-61985 (Missing Authorization vulnerability in magepeopleteam Car 
Rental Manag ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61983 (Missing Authorization vulnerability in andy_moyle Church Admin 
church- ...)
@@ -47,25 +47,25 @@ CVE-2026-61952 (Missing Authorization vulnerability in Jose 
Vega WooCommerce Bul
 CVE-2026-61692
        REJECTED
 CVE-2026-61505 (Rejetto HFS 3.0.0 through 3.2.0 allows path traversal through 
the lang ...)
-       TODO: check
+       NOT-FOR-US: Rejetto HFS
 CVE-2026-61504 (Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in 
its fall ...)
-       TODO: check
+       NOT-FOR-US: Rejetto HFS
 CVE-2026-61503 (Rejetto HFS 3.0.0 through 3.2.0 returns observably different 
responses ...)
-       TODO: check
+       NOT-FOR-US: Rejetto HFS
 CVE-2026-61502 (Rejetto HFS 3.0.0 through 3.2.0 accepts state-changing API 
requests vi ...)
-       TODO: check
+       NOT-FOR-US: Rejetto HFS
 CVE-2026-61501 (Rejetto HFS 3.0.0 through 3.2.0 renders log entries in the 
administrat ...)
-       TODO: check
+       NOT-FOR-US: Rejetto HFS
 CVE-2026-61500 (Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie 
signing key ...)
-       TODO: check
+       NOT-FOR-US: Rejetto HFS
 CVE-2026-61498 (Vitec Flamingo 4.12.2 contains an unauthenticated OS command 
injection ...)
-       TODO: check
+       NOT-FOR-US: Vitec Flamingo
 CVE-2026-61463 (Shiori contains a privilege escalation vulnerability in the 
account up ...)
-       TODO: check
+       NOT-FOR-US: Shiori
 CVE-2026-61462 (mcp-gitlab contains a path traversal vulnerability in the 
job_id param ...)
-       TODO: check
+       NOT-FOR-US: mcp-gitlab
 CVE-2026-60121 (Vitec Flamingo 4.12.2 contains an unauthenticated OS command 
injection ...)
-       TODO: check
+       NOT-FOR-US: Vitec Flamingo
 CVE-2026-60103 (Blender 3.0.0 through 5.1.2 contains an out-of-bounds read 
vulnerabili ...)
        TODO: check
 CVE-2026-59523 (Missing Authorization vulnerability in NSquared Simply 
Schedule Appoin ...)
@@ -466,9 +466,9 @@ CVE-2026-10085 (Mattermost versions 11.7.x <= 11.7.2, 
11.6.x <= 11.6.4, 10.11.x
 CVE-2025-45869 (LogicalDOC Enterprise Version up to and before v9.1.1 is 
vulnerable to ...)
        TODO: check
 CVE-2026-9492 (The MBStorage DRAM lighting control module within Gigabyte 
Control Cen ...)
-       TODO: check
+       NOT-FOR-US: Gigabyte Control Center (GCC)
 CVE-2026-7162 (Successful exploitation of the integer overflow vulnerability 
could al ...)
-       TODO: check
+       NOT-FOR-US: WinFsp
 CVE-2026-15553 (Enterprise Cloud Database developed by Ragic has a Arbitrary 
File Uplo ...)
        TODO: check
 CVE-2026-15552 (Enterprise Cloud Database developed by Ragic has a Stored 
Cross-Site S ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0263ba048f0e31c3943207de1e54e156185b0095

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0263ba048f0e31c3943207de1e54e156185b0095
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to