[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 30 20:45:23 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c3549928 by Salvatore Bonaccorso at 2026-01-30T21:44:58+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4,13 +4,13 @@ CVE-2026-25128 (fast-xml-parser allows users to validate XML, parse XML to JS ob
NOTE: Fixed by: https://github.com/NaturalIntelligence/fast-xml-parser/commit/4e387f61c4a5cef792f6a2f42467013290bf95dc (v5.3.4)
NOTE: node-webfont provides node-fast-xml-parser
CVE-2026-25050 (Vendure is an open-source headless commerce platform. Prior to version ...)
- TODO: check
+ NOT-FOR-US: Vendure
CVE-2026-24855 (ChurchCRM is an open-source church management system. Versions prior t ...)
NOT-FOR-US: ChurchCRM
CVE-2026-24854 (ChurchCRM is an open-source church management system. A SQL Injection ...)
NOT-FOR-US: ChurchCRM
CVE-2026-23835 (LobeHub is an open source human-and-AI-agent network. Prior to version ...)
- TODO: check
+ NOT-FOR-US: LobeHub
CVE-2026-22626 (Due to insufficient input parameter validation on the interface, authe ...)
NOT-FOR-US: Hikvision
CVE-2026-22625 (Improper handling of filenames in certain HIKSEMI NAS products may lea ...)
@@ -28,11 +28,11 @@ CVE-2026-1702 (A vulnerability was detected in SourceCodester Pet Grooming Manag
CVE-2026-1701 (A security vulnerability has been detected in itsourcecode Student Man ...)
NOT-FOR-US: itsourcecode System
CVE-2026-1700 (A weakness has been identified in projectworlds House Rental and Prope ...)
- TODO: check
+ NOT-FOR-US: projectworlds House Rental and Property Listing
CVE-2026-1699 (In the Eclipse Theia Website repository, the GitHub Actions workflow . ...)
TODO: check
CVE-2026-1691 (A vulnerability has been found in bolo-solo up to 2.6.4. This impacts ...)
- TODO: check
+ NOT-FOR-US: bolo-solo
CVE-2026-1690 (A flaw has been found in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpo ...)
NOT-FOR-US: Tenda
CVE-2026-1689 (A vulnerability was detected in Tenda HG10 US_HG7_HG9_HG10re_300001138 ...)
@@ -46,11 +46,11 @@ CVE-2026-1686 (A security flaw has been discovered in Totolink A3600R 5.9c.4959.
CVE-2026-1685 (A vulnerability was identified in D-Link DIR-823X 250416. This vulnera ...)
NOT-FOR-US: D-Link
CVE-2026-1684 (A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this ...)
- TODO: check
+ NOT-FOR-US: Free5GC
CVE-2026-1683 (A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by ...)
- TODO: check
+ NOT-FOR-US: Free5GC
CVE-2026-1682 (A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the func ...)
- TODO: check
+ NOT-FOR-US: Free5GC
CVE-2026-1498 (An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a ...)
NOT-FOR-US: WatchGuard
CVE-2026-0709 (Some Hikvision Wireless Access Points are vulnerable to authenticated ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3549928473a54ebd9f58abeda13293558019ced
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3549928473a54ebd9f58abeda13293558019ced
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260130/2f5019fa/attachment.htm>
More information about the debian-security-tracker-commits
mailing list