Vulnerable source packages among backports for stable

Note that the list below is based on source packages. This means that packages are not listed here once a new, fixed source version has been uploaded to the archive, even if there are still some vulnerable binary packages present in the archive.


PackageBugUrgencyRemote
calibreCVE-2026-25635not yet assignedno
CVE-2026-25636not yet assignedno
CVE-2026-25731not yet assignedno
CVE-2026-26064not yet assignedno
CVE-2026-26065not yet assignedno
CVE-2026-27810not yet assignedno
CVE-2026-27824not yet assignedno
CVE-2026-30853not yet assignedno
CVE-2026-33205not yet assignedno
CVE-2026-33206not yet assignedno
ckermitCVE-2025-68920not yet assignedno
claws-mailCVE-2019-10735lowno
devscriptsCVE-2025-8454not yet assignedno
fort-validatorCVE-2024-56169not yet assignedno
CVE-2024-56170not yet assignedno
linuxCVE-2013-7445not yet assignedno
CVE-2018-12928lowno
CVE-2019-15213not yet assignedno
CVE-2019-16089not yet assignedno
CVE-2019-19449not yet assignedno
CVE-2019-19814not yet assignedno
CVE-2019-20794not yet assignedno
CVE-2020-14304not yet assignedno
CVE-2020-36694not yet assignedno
CVE-2021-3847not yet assignedno
CVE-2021-3864not yet assignedno
CVE-2023-3397not yet assignedno
CVE-2023-4010not yet assignedno
CVE-2023-6238not yet assignedno
CVE-2023-6240not yet assignedno
CVE-2023-31082not yet assignedno
CVE-2023-37454not yet assignedno
CVE-2024-2193not yet assignedno
CVE-2024-21803not yet assignedno
CVE-2024-24864not yet assignedno
CVE-2024-56709not yet assignedno
CVE-2026-23274not yet assignedno
CVE-2026-23275not yet assignedno
CVE-2026-23276not yet assignedno
CVE-2026-23277not yet assignedno
CVE-2026-23278not yet assignedno
CVE-2026-23391not yet assignedno
CVE-2026-23392not yet assignedno
CVE-2026-23393not yet assignedno
CVE-2026-23394not yet assignedno
CVE-2026-23395not yet assignedno
CVE-2026-23396not yet assignedno
CVE-2026-23397not yet assignedno
CVE-2026-23398not yet assignedno
CVE-2026-23399not yet assignedno
CVE-2026-23400not yet assignedno
CVE-2026-23401not yet assignedno
CVE-2026-23402not yet assignedno
CVE-2026-31788not yet assignedno
nvidia-graphics-drivers (non-free-firmware)CVE-2025-23279not yet assignedno
CVE-2025-23280not yet assignedno
CVE-2025-23282not yet assignedno
CVE-2025-23286not yet assignedno
CVE-2025-23300not yet assignedno
CVE-2025-23330not yet assignedno
CVE-2025-23332not yet assignedno
CVE-2025-23345not yet assignedno
CVE-2025-33219not yet assignedno
nvidia-open-gpu-kernel-modules (contrib)CVE-2025-23279not yet assignedno
CVE-2025-23280not yet assignedno
CVE-2025-23282not yet assignedno
CVE-2025-23286not yet assignedno
CVE-2025-23300not yet assignedno
CVE-2025-23330not yet assignedno
CVE-2025-23332not yet assignedno
CVE-2025-23345not yet assignedno
CVE-2025-33219not yet assignedno
opensshCVE-2026-3497not yet assignedno
pyasn1CVE-2026-30922not yet assignedno
redictCVE-2025-67733not yet assignedno
CVE-2026-21863not yet assignedno
rustcCVE-2026-33055not yet assignedno
CVE-2026-33056not yet assignedno
tinyproxyCVE-2026-3945not yet assignedno
zabbixCVE-2026-23924not yet assignedno
znuny (non-free)CVE-2025-52204not yet assignedno
CVE-2025-59490not yet assigned?

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.

Search for package or bug name: Reporting problems