[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jun 25 10:17:52 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2663765f by Moritz Muehlenhoff at 2026-06-25T11:13:43+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -73,7 +73,7 @@ CVE-2026-5309 (GitLab has remediated an issue in GitLab EE affecting all version
CVE-2026-5305 (The Email Address Encoder WordPress plugin before 1.0.25, email-encode ...)
NOT-FOR-US: WordPress plugin
CVE-2026-57589 (sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowi ...)
- TODO: check
+ NOT-FOR-US: OpenBSD
CVE-2026-55762 (Rocket.Chat is an open-source, secure, fully customizable communicatio ...)
NOT-FOR-US: Rocket.Chat
CVE-2026-55759 (Rocket.Chat is an open-source, secure, fully customizable communicatio ...)
@@ -217,25 +217,25 @@ CVE-2026-39894 (Cacti is an open source performance and fault management framewo
CVE-2026-39893 (Cacti is an open source performance and fault management framework. In ...)
TODO: check
CVE-2026-33543 (FOSSBilling is a free, open-source billing and client management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-33235 (AutoGPT is a workflow automation platform for creating, deploying, and ...)
- TODO: check
+ NOT-FOR-US: AutoGPT
CVE-2026-32315 (motionEye (mEye) is an online interface for motion software, a video s ...)
- TODO: check
+ NOT-FOR-US: motionEye (mEye)
CVE-2026-31978 (motionEye (mEye) is an online interface for motion software, which is ...)
- TODO: check
+ NOT-FOR-US: motionEye (mEye)
CVE-2026-2508 (The Gravity Forms Booking plugin for WordPress is vulnerable to time-b ...)
NOT-FOR-US: WordPress plugin
CVE-2026-2238 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
NOT-FOR-US: GitLab (used to be packaged in the Debian archive as src:gitlab, but never in a stable release)
CVE-2026-27708 (FOSSBilling is a free, open-source billing and client management syste ...)
- TODO: check
+ NOT-FOR-US: FOSSBilling
CVE-2026-25119 (Gogs is an open source self-hosted Git service. Prior to 0.14.3, when ...)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2026-23879 (py7zr is a Python-based library and utility to support 7zip archive co ...)
TODO: check
CVE-2026-1840 (The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: Aclara Metrum Cellular Web Interface
CVE-2026-1606 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
NOT-FOR-US: GitLab (used to be packaged in the Debian archive as src:gitlab, but never in a stable release)
CVE-2026-13311 (shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Ar ...)
@@ -2574,7 +2574,7 @@ CVE-2026-41479 (Authlib is a Python library which builds OAuth and OpenID Connec
CVE-2026-39904 (Gophish through 0.12.1 contains a denial of service vulnerability that ...)
NOT-FOR-US: Gophish
CVE-2026-12866 (All versions of the package expr-eval are vulnerable to Code Execution ...)
- TODO: check
+ NOT-FOR-US: Node expr-eval
CVE-2026-11833 (Overview: A vulnerability has been found in FAST/TOOLS and CI Server. ...)
NOT-FOR-US: Yokogawa
CVE-2026-10852 (IBM WebSphere Application Server and IBM WebSphere Application Server ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2663765f740a5fb28831655a06b8ab11eadcac87
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2663765f740a5fb28831655a06b8ab11eadcac87
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260625/f1411555/attachment.htm>
More information about the debian-security-tracker-commits
mailing list