[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 30 07:31:35 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
51668b8a by Salvatore Bonaccorso at 2026-06-30T08:31:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -154,24 +154,24 @@ CVE-2026-25707 (A relative path traversal bug problem when processing repository
 	- libzypp 17.38.11-1
 	NOTE: https://github.com/openSUSE/libzypp/commit/f09feda7fca03c941218aab0bb161cc82b185b6b (17.38.10)
 CVE-2026-22078 (Because O+ Connect's IPC service does not authenticate clients, extern ...)
-	TODO: check
+	NOT-FOR-US: Oppo
 CVE-2026-13757 (A flaw was found in p11-kit. The RPC message attribute parsing functio ...)
 	- p11-kit <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2494556
 CVE-2026-13752 (Improper neutralization of parameters in Snowflake CLI versions prior  ...)
-	TODO: check
+	NOT-FOR-US: Snowflake CLI
 CVE-2026-13751 (Improper handling of untrusted remote references in Snowflake CLI vers ...)
-	TODO: check
+	NOT-FOR-US: Snowflake CLI
 CVE-2026-13750 (Insertion of sensitive information into log files in Snowflake CLI ver ...)
-	TODO: check
+	NOT-FOR-US: Snowflake CLI
 CVE-2026-13749 (Improper neutralization in the Snowpark annotation processor callback  ...)
-	TODO: check
+	NOT-FOR-US: Snowflake CLI
 CVE-2026-13748 (Improper restriction of file path resolution in Snowflake CLI versions ...)
-	TODO: check
+	NOT-FOR-US: Snowflake CLI
 CVE-2026-13746 (Improper neutralization of local CLI parameters in Snowflake CLI versi ...)
-	TODO: check
+	NOT-FOR-US: Snowflake CLI
 CVE-2026-13744 (Improper neutralization of attacker-controlled content in Snowflake CL ...)
-	TODO: check
+	NOT-FOR-US: Snowflake CLI
 CVE-2026-13742 (Honeywell IQ MultiAccess, all versions prior to and including version  ...)
 	NOT-FOR-US: Honeywell
 CVE-2026-13676 (fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize U ...)
@@ -183,17 +183,17 @@ CVE-2026-13595 (A flaw was found in the libblkid library of util-linux. During n
 	NOTE: https://github.com/util-linux/util-linux/commit/60ca8616ac1a223bfb5a713047a37136dd9481ef (v2.42.2)
 	NOTE: https://github.com/util-linux/util-linux/commit/132d9c8aa15a8efd0a23d8ca7ed8b98f365e84fa (v2.41.5)
 CVE-2026-13592 (A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56 ...)
-	TODO: check
+	NOT-FOR-US: liftoff-sr CIPster
 CVE-2026-13591 (A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is th ...)
-	TODO: check
+	NOT-FOR-US: DeepMyst Mysti
 CVE-2026-13590 (A security flaw has been discovered in seladb PcapPlusPlus 25.05. This ...)
-	TODO: check
+	NOT-FOR-US: seladb PcapPlusPlus
 CVE-2026-13589 (A vulnerability was identified in seladb PcapPlusPlus 25.05. This affe ...)
-	TODO: check
+	NOT-FOR-US: seladb PcapPlusPlus
 CVE-2026-13588 (A vulnerability was determined in seladb PcapPlusPlus 25.05. The impac ...)
-	TODO: check
+	NOT-FOR-US: seladb PcapPlusPlus
 CVE-2026-13587 (A vulnerability was found in seladb PcapPlusPlus 25.05. The affected e ...)
-	TODO: check
+	NOT-FOR-US: seladb PcapPlusPlus
 CVE-2026-13583 (A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is  ...)
 	NOT-FOR-US: Edimax
 CVE-2026-13582 (A flaw has been found in Edimax EW-7478APC 1.04. This issue affects th ...)
@@ -217,7 +217,7 @@ CVE-2026-13571 (A flaw has been found in SourceCodester Simple Food Ordering Sys
 CVE-2026-13570 (A vulnerability was detected in SourceCodester Inventory Management Sy ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-13569 (A security vulnerability has been detected in weng-xianhu EyouCMS up t ...)
-	TODO: check
+	NOT-FOR-US: weng-xianhu EyouCMS
 CVE-2026-13568 (A weakness has been identified in SourceCodester Inventory Management  ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-13567 (A security flaw has been discovered in code-projects Online Music Site ...)
@@ -237,7 +237,7 @@ CVE-2026-13561 (A vulnerability was detected in Edimax EW-7478APC 1.04. The impa
 CVE-2026-13560 (A security vulnerability has been detected in Edimax EW-7478APC 1.04.  ...)
 	NOT-FOR-US: Edimax
 CVE-2026-13559 (A weakness has been identified in code-projects Real State Services 1. ...)
-	TODO: check
+	NOT-FOR-US: code-projects Real State Services
 CVE-2026-13558 (A security flaw has been discovered in CodeAstro Complaint Management  ...)
 	NOT-FOR-US: CodeAstro
 CVE-2026-13557 (A vulnerability was identified in itsourcecode Online Hotel Management ...)
@@ -337,7 +337,7 @@ CVE-2026-13538 (A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V24
 CVE-2026-13537 (A vulnerability was found in CodeAstro Human Resource Management Syste ...)
 	NOT-FOR-US: CodeAstro
 CVE-2026-13536 (A vulnerability has been found in GotoHTTP up to 10.2. This issue affe ...)
-	TODO: check
+	NOT-FOR-US: GotoHTTP
 CVE-2026-13535 (A flaw has been found in CodeAstro Human Resource Management System 1. ...)
 	NOT-FOR-US: CodeAstro
 CVE-2026-13534 (A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. Th ...)
@@ -365,7 +365,7 @@ CVE-2026-13524 (A security vulnerability has been detected in CherryHQ cherry-st
 CVE-2026-13523 (A weakness has been identified in GPAC up to 26.02.0. This affects an  ...)
 	TODO: check
 CVE-2026-13522 (A security flaw has been discovered in Investintech SlimPDFReader up t ...)
-	TODO: check
+	NOT-FOR-US: Investintech SlimPDFReader
 CVE-2026-13521 (A vulnerability was identified in SourceCodester Class and Exam Timeta ...)
 	NOT-FOR-US: SourceCodester
 CVE-2026-13520 (A vulnerability was determined in itsourcecode Hospital Management Sys ...)
@@ -381,21 +381,21 @@ CVE-2026-13516 (A vulnerability was detected in Tenda JD12L 16.03.53.23. The aff
 CVE-2026-13515 (A security vulnerability has been detected in Tenda JD12L 16.03.53.23. ...)
 	NOT-FOR-US: Tenda
 CVE-2026-13514 (A weakness has been identified in Chess Play and Learn App up to 4.9.4 ...)
-	TODO: check
+	NOT-FOR-US: Chess Play and Learn App on Android
 CVE-2026-13513 (A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0.  ...)
-	TODO: check
+	NOT-FOR-US: MyScale MyScaleDB
 CVE-2026-13512 (A vulnerability was identified in Databend up to 1.2.881 on HTTP. This ...)
-	TODO: check
+	NOT-FOR-US: Databend
 CVE-2026-13511 (A vulnerability was determined in VoltAgent up to 2.1.17. Affected by  ...)
-	TODO: check
+	NOT-FOR-US: VoltAgent
 CVE-2026-13510 (A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by ...)
-	TODO: check
+	NOT-FOR-US: SimStudioAI sim
 CVE-2026-13509 (A vulnerability has been found in RAGapp up to 0.1.5. Affected is the  ...)
-	TODO: check
+	NOT-FOR-US: RAGapp
 CVE-2026-13508 (A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impact ...)
-	TODO: check
+	NOT-FOR-US: khoj-ai khoj
 CVE-2026-13507 (A vulnerability was detected in volcengine OpenViking up to 0.3.21. Th ...)
-	TODO: check
+	NOT-FOR-US: OpenViking
 CVE-2026-10083 (The APCu Manager WordPress plugin before 4.5.0 does not escape APCu ob ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7386 (Information exposure vulnerability in Hitachi Storage Navigator.  This ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51668b8a531adb958b6480fcc4af8fcd6e03103f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51668b8a531adb958b6480fcc4af8fcd6e03103f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260630/beab0bc7/attachment.htm>


More information about the debian-security-tracker-commits mailing list