The table below lists packages which are fixed in unstable, but unfixed in testing. Use the testing migration checker to find out why they have not entered testing yet.
| Package | Migration | Bug | Urgency | Remote | |
|---|---|---|---|---|---|
| chromium | check | CVE-2026-4673 | not yet assigned | no | (fixed in stable?) |
| CVE-2026-4674 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-4675 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-4676 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-4677 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-4678 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-4679 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-4680 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5272 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5273 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5274 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5275 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5276 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5277 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5278 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5279 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5280 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5281 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5282 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5283 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5284 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5285 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5286 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5287 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5288 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5289 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5290 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5291 | not yet assigned | no | (fixed in stable?) | ||
| CVE-2026-5292 | not yet assigned | no | (fixed in stable?) | ||
| dovecot | check | CVE-2025-59028 | not yet assigned | no | |
| CVE-2025-59032 | not yet assigned | no | |||
| CVE-2026-24031 | not yet assigned | no | |||
| CVE-2026-27855 | not yet assigned | no | |||
| CVE-2026-27856 | not yet assigned | no | |||
| CVE-2026-27857 | not yet assigned | no | |||
| CVE-2026-27858 | not yet assigned | no | |||
| CVE-2026-27859 | not yet assigned | no | |||
| CVE-2026-27860 | not yet assigned | no | |||
| edk2 | check | CVE-2024-38798 | not yet assigned | no | |
| flask | check | CVE-2026-27205 | not yet assigned | no | |
| gdk-pixbuf | check | CVE-2026-5201 | not yet assigned | no | |
| grub2 | check | CVE-2025-54770 | not yet assigned | no | |
| CVE-2025-54771 | not yet assigned | no | |||
| CVE-2025-61661 | not yet assigned | no | |||
| CVE-2025-61662 | not yet assigned | no | |||
| CVE-2025-61663 | not yet assigned | no | |||
| CVE-2025-61664 | not yet assigned | no | |||
| ldap-account-manager | check | CVE-2025-58174 | not yet assigned | no | |
| CVE-2026-27894 | not yet assigned | no | |||
| CVE-2026-27895 | not yet assigned | no | |||
| libvncserver | check | CVE-2026-32853 | not yet assigned | no | |
| CVE-2026-32854 | not yet assigned | no | |||
| linux | check | CVE-2026-23401 | not yet assigned | no | |
| CVE-2026-23402 | not yet assigned | no | |||
| CVE-2026-23414 | not yet assigned | no | |||
| CVE-2026-23415 | not yet assigned | no | |||
| CVE-2026-23416 | not yet assigned | no | |||
| CVE-2026-23417 | not yet assigned | no | |||
| mxml | check | CVE-2026-5037 | not yet assigned | no | |
| node-lodash | check | CVE-2026-2950 | not yet assigned | no | |
| CVE-2026-4800 | not yet assigned | no | |||
| node-serialize-javascript | check | CVE-2026-34043 | not yet assigned | no | |
| opensc | check | CVE-2025-66037 | not yet assigned | no | |
| psd-tools | check | CVE-2026-27809 | not yet assigned | no | |
| python-cryptography | check | CVE-2026-34073 | not yet assigned | no | |
| python-tornado | check | CVE-2026-31958 | not yet assigned | no | |
| CVE-2026-35536 | not yet assigned | no | |||
| python3.14 | check | CVE-2025-13462 | not yet assigned | no | |
| CVE-2026-2297 | not yet assigned | no | |||
| CVE-2026-3644 | not yet assigned | no | |||
| CVE-2026-4224 | not yet assigned | no | |||
| rust-astral-tokio-tar | check | CVE-2026-32766 | not yet assigned | no | |
| tiff | check | CVE-2026-4775 | not yet assigned | no | |
| util-linux | check | CVE-2026-27456 | not yet assigned | no | |
| vega.js | check | CVE-2025-66648 | not yet assigned | no | |
| webkit2gtk | check | CVE-2025-46299 | not yet assigned | no | |
| CVE-2026-20643 | not yet assigned | no | |||
| CVE-2026-20664 | not yet assigned | no | |||
| CVE-2026-20665 | not yet assigned | no | |||
| CVE-2026-20691 | not yet assigned | no | |||
| CVE-2026-28857 | not yet assigned | no | |||
| CVE-2026-28859 | not yet assigned | no | |||
| CVE-2026-28861 | not yet assigned | no | |||
| CVE-2026-28871 | not yet assigned | no | |||
| zlib | check | CVE-2026-27171 | not yet assigned | no |