[Git][security-tracker-team/security-tracker][master] Process some NFUsProcess some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 3 08:09:22 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7d97fbef by Salvatore Bonaccorso at 2026-06-03T09:08:36+02:00
Process some NFUsProcess some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -89,45 +89,45 @@ CVE-2026-49943 (CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a st
CVE-2026-49782 (Missing Authorization vulnerability in Elementor Elementor Website Bui ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-49754 (Allocation of Resources Without Limits or Throttling vulnerability in ...)
- TODO: check
+ NOT-FOR-US: elixir-mint Mint
CVE-2026-49753 (Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response S ...)
- TODO: check
+ NOT-FOR-US: elixir-mint Mint
CVE-2026-48862 (Allocation of Resources Without Limits or Throttling vulnerability in ...)
- TODO: check
+ NOT-FOR-US: elixir-mint Mint
CVE-2026-48861 (Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerabi ...)
- TODO: check
+ NOT-FOR-US: elixir-mint Mint
CVE-2026-47117 (OpenMed before 1.5.2 contains a remote code execution vulnerability in ...)
- TODO: check
+ NOT-FOR-US: OpenMed
CVE-2026-46718 (Use of Externally-Controlled Input to Select Classes or Code ('Unsafe ...)
TODO: check
CVE-2026-45686 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45685 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45684 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45683 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45682 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45681 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45680 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45679 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45678 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45676 (OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based ...)
- TODO: check
+ NOT-FOR-US: OpenTelemetry eBPF Instrumentation
CVE-2026-45554 (NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two F ...)
- TODO: check
+ NOT-FOR-US: NiceGUI
CVE-2026-45553 (NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.re ...)
- TODO: check
+ NOT-FOR-US: NiceGUI
CVE-2026-45080 (Klaw is a self-service Apache Kafka Topic Management/Governance tool/p ...)
- TODO: check
+ NOT-FOR-US: Klaw
CVE-2026-44367 (Klaw is a self-service Apache Kafka Topic Management/Governance tool/p ...)
- TODO: check
+ NOT-FOR-US: Klaw
CVE-2026-43965 (Path traversal vulnerability in Gleam's dependency management allows a ...)
TODO: check
CVE-2026-42795 (Symlink following vulnerability in Gleam's Hex package export allows f ...)
@@ -143,9 +143,9 @@ CVE-2026-42669 (Missing Authorization vulnerability in EventPrime allows Exploit
CVE-2026-42654 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-42074 (OpenClaude is an open-source coding-agent command line interface for c ...)
- TODO: check
+ NOT-FOR-US: OpenClaude
CVE-2026-42073 (OpenClaude is an open-source coding-agent command line interface for c ...)
- TODO: check
+ NOT-FOR-US: OpenClaude
CVE-2026-41918 (A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA ...)
NOT-FOR-US: Siemens
CVE-2026-40780 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
@@ -155,11 +155,11 @@ CVE-2026-40715 (Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain
CVE-2026-40713 (Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Im ...)
NOT-FOR-US: Dell / EMC
CVE-2026-40619 (A high security vulnerability affecting Security Center main server in ...)
- TODO: check
+ NOT-FOR-US: Gentec
CVE-2026-40571 (NamelessMC is website software for Minecraft servers. In version 2.2.4 ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2026-40314 (NamelessMC is website software for Minecraft servers. In version 2.2.4 ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2026-3620 (The Word Replacer plugin for WordPress is vulnerable to Stored Cross-S ...)
NOT-FOR-US: WordPress plugin
CVE-2026-3514 (In version 3.6.19 of prefecthq/prefect, an authentication bypass vulne ...)
@@ -177,23 +177,23 @@ CVE-2026-39550 (Deserialization of Untrusted Data vulnerability in Elated-Themes
CVE-2026-38978 (transmission through 4.1.1 was found to have a clickjacking weakness i ...)
TODO: check
CVE-2026-35718 (A path traversal vulnerability in the /admin/downloadMedias.cgi endpoi ...)
- TODO: check
+ NOT-FOR-US: VIVOTEK
CVE-2026-35717 (A stack-based buffer overflow in the export_language.cgi binary in VIV ...)
- TODO: check
+ NOT-FOR-US: VIVOTEK
CVE-2026-35716 (A stack-based buffer overflow in the motion_privacy.cgi binary in VIVO ...)
- TODO: check
+ NOT-FOR-US: VIVOTEK
CVE-2026-35447 (NamelessMC is website software for Minecraft servers. In version 2.2.4 ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2026-35443 (NamelessMC is website software for Minecraft servers. In version 2.2.4 ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2026-34907 (Wirtualna Uczelnia is vulnerable to Reflected Cross\u2011Site Scriptin ...)
- TODO: check
+ NOT-FOR-US: Wirtualna Uczelnia
CVE-2026-34906 (Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an ...)
- TODO: check
+ NOT-FOR-US: Wirtualna Uczelnia
CVE-2026-34460 (NamelessMC is website software for Minecraft servers. In versions 2.2. ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2026-33398 (NamelessMC is website software for Minecraft servers. In version 2.2.4 ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2026-33244 (React Router is a router for React. In versions 7.5.1 through 7.13.1, ...)
TODO: check
CVE-2026-32685 (Path traversal vulnerability in Gleam's handling of custom documentati ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d97fbef0a80b28549bf03fbf668e48c86544239
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d97fbef0a80b28549bf03fbf668e48c86544239
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260603/b682a134/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list