[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 13 12:08:30 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9d954105 by Salvatore Bonaccorso at 2026-05-13T13:08:02+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,13 +101,13 @@ CVE-2026-44403 (Wing FTP Server 8.1.2 contains an authenticated remote code exec
CVE-2026-44352 (Flowsint is an open-source OSINT graph exploration tool designed for c ...)
NOT-FOR-US: Flowsint
CVE-2026-44347 (Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux ...)
- TODO: check
+ NOT-FOR-US: Warpgate
CVE-2026-44341 (GoJobs is a REST API for a Job Board platform. The application exposes ...)
- TODO: check
+ NOT-FOR-US: GoJobs
CVE-2026-44307 (Mako is a template library written in Python. Prior to 1.3.12, on Wind ...)
TODO: check
CVE-2026-44306 (Statamic is a Laravel and Git powered content management system (CMS). ...)
- TODO: check
+ NOT-FOR-US: Statamic
CVE-2026-44305 (Lemur manages TLS certificate creation. Prior to 1.9.0, when LDAP TLS ...)
TODO: check
CVE-2026-44304 (Lemur manages TLS certificate creation. Prior to 1.9.0, Lemur's LDAP a ...)
@@ -429,7 +429,7 @@ CVE-2026-7432 (A race condition in Ivanti Secure Access Client before 22.8R6 all
CVE-2026-7431 (An incorrect permission assignment for critical resource of Ivanti Sec ...)
NOT-FOR-US: Ivanti
CVE-2026-7428 (Prior to 2025-11-03,well-intended users of Terraform or REST API for G ...)
- TODO: check
+ NOT-FOR-US: Google Cloud AlloyDB
CVE-2026-7050 (The Forms Rb plugin for WordPress is vulnerable to authorization bypas ...)
NOT-FOR-US: WordPress plugin
CVE-2026-6932 (The Woo Commerce Minimum Weight plugin for WordPress is vulnerable to ...)
@@ -505,13 +505,13 @@ CVE-2026-45211 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2026-45210 (Missing Authorization vulnerability in Broadstreet Broadstreet Ads bro ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-45091 (sealed-env is a cross-stack, zero-trust secret management library for ...)
- TODO: check
+ NOT-FOR-US: sealed-env
CVE-2026-44412 (A vulnerability has been identified in Solid Edge SE2026 (All versions ...)
NOT-FOR-US: Siemens
CVE-2026-44411 (A vulnerability has been identified in Solid Edge SE2026 (All versions ...)
NOT-FOR-US: Siemens
CVE-2026-44343 (WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there ar ...)
- TODO: check
+ NOT-FOR-US: WGDashboard
CVE-2026-44279 (A improper export of android application components vulnerability in F ...)
NOT-FOR-US: Fortinet
CVE-2026-44278 (A use of hard-coded cryptographic key vulnerability in Fortinet FortiC ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d95410551cd531332d08b469b3315b072345e8c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d95410551cd531332d08b469b3315b072345e8c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260513/393f6f69/attachment.htm>
More information about the debian-security-tracker-commits
mailing list