[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 29 21:32:23 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4076abd5 by Salvatore Bonaccorso at 2026-06-29T22:32:03+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,29 +101,29 @@ CVE-2026-57326 (Unauthenticated Cross Site Scripting (XSS) in Business Directory
CVE-2026-57320 (Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions.)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-56783 (Parseable before 2.9.2 contains an information disclosure vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Parseable
CVE-2026-56782 (Gorse before 0.5.10 contains an authentication bypass vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Gorse
CVE-2026-56781 (Teable before 2026-06-15T04-43-24Z.1912 contains an improper access co ...)
- NOT-FOR-US: Modoboa
+ NOT-FOR-US: teableio teable
CVE-2026-56780 (Modoboa before 2.9.0 contains an insecure direct object reference vuln ...)
- TODO: check
+ NOT-FOR-US: Modoboa
CVE-2026-56457 (HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensit ...)
NOT-FOR-US: HCL
CVE-2026-56290 (The Joomla extension Page Builder CK is vulnerable to an unauthenticat ...)
NOT-FOR-US: Joomla
CVE-2026-56285 (Nitter's /video media proxy endpoint fails to validate target URLs aga ...)
- TODO: check
+ NOT-FOR-US: Nitter
CVE-2026-56124 (phpUploader before 2.0.2 contains an unauthenticated information discl ...)
- TODO: check
+ NOT-FOR-US: phpUploader
CVE-2026-55844 (Home Assistant is open source home automation software that puts local ...)
- TODO: check
+ NOT-FOR-US: Home Assistant
CVE-2026-55607 (Claude Code is an agentic coding tool. From 2.1.38 until 2.1.163, Cla ...)
- TODO: check
+ NOT-FOR-US: Claude Code
CVE-2026-53428 (Memory Allocation with Excessive Size Value vulnerability in leandrocp ...)
- TODO: check
+ NOT-FOR-US: leandrocp
CVE-2026-53427 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: leandrocp
CVE-2026-49049 (The Helix3 plugin for Joomla exposes an ajax handler task, that allows ...)
NOT-FOR-US: Joomla
CVE-2026-46406 (Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4076abd5190ac8bf778baed55e7f770c931ffa70
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4076abd5190ac8bf778baed55e7f770c931ffa70
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/1465d2d3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list