[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 23 08:47:28 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
490f3fa0 by Salvatore Bonaccorso at 2026-06-23T09:37:14+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,11 +53,11 @@ CVE-2026-55653 (A flaw was found in OpenSSH. A malicious SSH server can exploit
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2462351
TODO: check details, AI generated report
CVE-2026-55603 (http-proxy-middleware is node.js http-proxy middleware. From 3.0.4 unt ...)
- TODO: check
+ NOT-FOR-US: http-proxy-middleware Node.js module
CVE-2026-55599 (phpseclib is a PHP secure communications library. From 0.1.1 until 1.0 ...)
TODO: check
CVE-2026-55409 (Filament is a collection of full-stack components for accelerated Lara ...)
- TODO: check
+ NOT-FOR-US: Filament
CVE-2026-54911 (UltraJSON is a fast JSON encoder and decoder written in pure C with bi ...)
TODO: check
CVE-2026-54651 (pypdf is a free and open-source pure-python PDF library. Prior to 6.13 ...)
@@ -79,7 +79,7 @@ CVE-2026-54232 (vLLM is an inference and serving engine for large language model
CVE-2026-53923 (vLLM is an inference and serving engine for large language models (LLM ...)
TODO: check
CVE-2026-49468 (LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or ...)
- TODO: check
+ NOT-FOR-US: LiteLLM
CVE-2026-49461 (pypdf is a free and open-source pure-python PDF library. Prior to 6.12 ...)
TODO: check
CVE-2026-49460 (pypdf is a free and open-source pure-python PDF library. Prior to 6.12 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/490f3fa08aded1291f7b9c7ed6a75b49e14207e5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/490f3fa08aded1291f7b9c7ed6a75b49e14207e5
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260623/4a81c778/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list