[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 8 08:13:17 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
59069140 by security tracker role at 2026-01-08T08:13:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,178 @@
-CVE-2025-69262
+CVE-2026-22581
+	REJECTED
+CVE-2026-22580
+	REJECTED
+CVE-2026-22579
+	REJECTED
+CVE-2026-22578
+	REJECTED
+CVE-2026-22577
+	REJECTED
+CVE-2026-22190 (Panda3D versions up to and including 1.10.16 egg-mkfont contains an un ...)
+	TODO: check
+CVE-2026-22189 (Panda3D versions up to and including 1.10.16 egg-mkfont contains a sta ...)
+	TODO: check
+CVE-2026-22188 (Panda3D versions up to and including 1.10.16 deploy-stub contains a de ...)
+	TODO: check
+CVE-2026-22187 (Bio-Formats versions up to and including 8.3.0 perform unsafe Java des ...)
+	TODO: check
+CVE-2026-22186 (Bio-Formats versions up to and including 8.3.0 contain an XML External ...)
+	TODO: check
+CVE-2026-22185 (OpenLDAP Lightning Memory-Mapped Database (LMDB) mdb_load contains a h ...)
+	TODO: check
+CVE-2026-22184 (zlib versions up to and including 1.3.1.2 contain a global buffer over ...)
+	TODO: check
+CVE-2026-22047 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-22046 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-22035 (Greenshot is an open source Windows screenshot utility. Versions 1.3.3 ...)
+	TODO: check
+CVE-2026-21883 (Bokeh is an interactive visualization library written in Python. In ve ...)
+	TODO: check
+CVE-2026-21881 (Kanboard is project management software focused on Kanban methodology. ...)
+	TODO: check
+CVE-2026-21880 (Kanboard is project management software focused on Kanban methodology. ...)
+	TODO: check
+CVE-2026-21879 (Kanboard is project management software focused on Kanban methodology. ...)
+	TODO: check
+CVE-2026-21877 (n8n is an open source workflow automation platform. In versions 0.121. ...)
+	TODO: check
+CVE-2026-21875 (ClipBucket v5 is an open source video sharing platform. Versions 5.5.2 ...)
+	TODO: check
+CVE-2026-21869 (llama.cpp is an inference of several LLM models in C/C++. In commits 5 ...)
+	TODO: check
+CVE-2026-21868 (Flag Forge is a Capture The Flag (CTF) platform. Versions 2.3.2 and be ...)
+	TODO: check
+CVE-2026-21859 (Mailpit is an email testing tool and API for developers. Versions 1.28 ...)
+	TODO: check
+CVE-2026-21858 (n8n is an open source workflow automation platform. Versions below 1.1 ...)
+	TODO: check
+CVE-2026-21857 (REDAXO is a PHP-based content management system. Prior to version 5.20 ...)
+	TODO: check
+CVE-2026-21851 (MONAI (Medical Open Network for AI) is an AI toolkit for health care i ...)
+	TODO: check
+CVE-2026-21697 (axios4go is a Go HTTP client library. Prior to version 0.6.4, a race c ...)
+	TODO: check
+CVE-2026-21695 (Titra is open source project time tracking software. In versions 0.99. ...)
+	TODO: check
+CVE-2026-21694 (Titra is open source project time tracking software. Versions 0.99.49  ...)
+	TODO: check
+CVE-2026-21693 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21692 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21691 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21690 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21689 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21688 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21687 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21686 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21685 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21684 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21683 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21682 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21681 (iccDEV provides a set of libraries and tools that allow for the intera ...)
+	TODO: check
+CVE-2026-21441 (urllib3 is an HTTP client library for Python. urllib3's streaming API  ...)
+	TODO: check
+CVE-2026-21427 (The installers for multiple products provided by PIONEER CORPORATION c ...)
+	TODO: check
+CVE-2026-0707 (A flaw was found in Keycloak. The Keycloak Authorization header parser ...)
+	TODO: check
+CVE-2026-0700 (A vulnerability was determined in code-projects Intern Membership Mana ...)
+	TODO: check
+CVE-2026-0699 (A vulnerability was found in code-projects Intern Membership Managemen ...)
+	TODO: check
+CVE-2026-0698 (A vulnerability has been found in code-projects Intern Membership Mana ...)
+	TODO: check
+CVE-2026-0697 (A flaw has been found in code-projects Intern Membership Management Sy ...)
+	TODO: check
+CVE-2025-69264 (pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hos ...)
+	TODO: check
+CVE-2025-69263 (pnpm is a package manager. Versions 10.26.2 and below store HTTP tarba ...)
+	TODO: check
+CVE-2025-69255 (RustFS is a distributed object storage system built in Rust. In versio ...)
+	TODO: check
+CVE-2025-69222 (LibreChat is a ChatGPT clone with additional features. Version 0.8.1-r ...)
+	TODO: check
+CVE-2025-69221 (LibreChat is a ChatGPT clone with additional features. Version 0.8.1-r ...)
+	TODO: check
+CVE-2025-69220 (LibreChat is a ChatGPT clone with additional features. Version 0.8.1-r ...)
+	TODO: check
+CVE-2025-68705 (RustFS is a distributed object storage system built in Rust. In versio ...)
+	TODO: check
+CVE-2025-66620 (An unused webshell in MicroServer allows unlimited login attempts, wit ...)
+	TODO: check
+CVE-2025-64305 (MicroServer copies parts of the system firmware to an unencrypted exte ...)
+	TODO: check
+CVE-2025-62224 (User interface (ui) misrepresentation of critical information in Micro ...)
+	TODO: check
+CVE-2025-15346 (A vulnerability in the handling of verify_mode = CERT_REQUIRED in the  ...)
+	TODO: check
+CVE-2025-14275 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...)
+	TODO: check
+CVE-2025-13679 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...)
+	TODO: check
+CVE-2025-13151 (Stack-based buffer overflow in libtasn1 version: v4.20.0. The function ...)
+	TODO: check
+CVE-2025-12776 (The Report Builder component of the application stores user input dire ...)
+	TODO: check
+CVE-2025-12640 (The Folders \u2013 Unlimited Folders to Organize Media Library Folder, ...)
+	TODO: check
+CVE-2023-7333 (A weakness has been identified in bluelabsio records-mover up to 1.5.4 ...)
+	TODO: check
+CVE-2019-25296 (The WP Cost Estimation plugin for WordPress is vulnerable to arbitrary ...)
+	TODO: check
+CVE-2019-25295 (The WP Cost Estimation plugin for WordPress is vulnerable to Upload Di ...)
+	TODO: check
+CVE-2019-25291 (INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded c ...)
+	TODO: check
+CVE-2019-25290 (Smartliving SmartLAN/G/SI <=6.x contains an unauthenticated server-sid ...)
+	TODO: check
+CVE-2019-25289 (SmartLiving SmartLAN <=6.x contains an authenticated remote command in ...)
+	TODO: check
+CVE-2019-25284 (V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-s ...)
+	TODO: check
+CVE-2019-25282 (V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect vulnerabi ...)
+	TODO: check
+CVE-2019-25280 (Yahei-PHP Prober 0.4.7 contains a remote HTML injection vulnerability  ...)
+	TODO: check
+CVE-2019-25279 (FaceSentry Access Control System 6.4.8 contains a cleartext password s ...)
+	TODO: check
+CVE-2019-25278 (FaceSentry Access Control System 6.4.8 contains a cleartext transmissi ...)
+	TODO: check
+CVE-2019-25277 (FaceSentry Access Control System 6.4.8 contains a cross-site scripting ...)
+	TODO: check
+CVE-2019-25270 (SOCA Access Control System 180612 contains a cross-site scripting vuln ...)
+	TODO: check
+CVE-2019-25268 (NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows  ...)
+	TODO: check
+CVE-2019-25259 (Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-si ...)
+	TODO: check
+CVE-2019-25231 (devolo dLAN Cockpit 4.3.1 contains an unquoted service path vulnerabil ...)
+	TODO: check
+CVE-2017-20216 (FLIR Thermal Camera PT-Series firmware version 8.0.0.64 contains multi ...)
+	TODO: check
+CVE-2017-20215 (FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 contains an auth ...)
+	TODO: check
+CVE-2017-20214 (FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard- ...)
+	TODO: check
+CVE-2017-20213 (FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contain ...)
+	TODO: check
+CVE-2017-20212 (FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an in ...)
+	TODO: check
+CVE-2025-69262 (pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Comm ...)
 	NOT-FOR-US: pnpm
 CVE-2025-3950
 	- gitlab <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/590691402d1e14553dae0107e9e7601d2c72b420

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/590691402d1e14553dae0107e9e7601d2c72b420
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260108/721f7b0c/attachment.htm>

More information about the debian-security-tracker-commits mailing list