Vulnerable source packages in the stable suite

Package	Bug	Urgency	Remote
admesh	CVE-2026-2653	not yet assigned	no
amd64-microcode (non-free-firmware)	CVE-2024-36350	not yet assigned	no
	CVE-2024-36357	not yet assigned	no
	CVE-2025-0033	not yet assigned	no
	CVE-2025-29934	not yet assigned	no
	CVE-2025-29943	not yet assigned	no
	CVE-2025-48514	not yet assigned	no
	CVE-2025-48517	not yet assigned	no
	CVE-2025-52534	not yet assigned	no
	CVE-2025-52536	not yet assigned	no
	CVE-2025-54514	not yet assigned	no
ceph	CVE-2024-31884	not yet assigned	?
	CVE-2024-47866	not yet assigned	no
chromium	CVE-2026-2648	not yet assigned	no
	CVE-2026-2649	not yet assigned	no
	CVE-2026-2650	not yet assigned	no
cpp-httplib	CVE-2025-46728	not yet assigned	no
	CVE-2025-53628	not yet assigned	no
	CVE-2025-53629	not yet assigned	no
	CVE-2025-66570	not yet assigned	no
	CVE-2025-66577	not yet assigned	no
	CVE-2026-21428	not yet assigned	no
	CVE-2026-22776	not yet assigned	no
django-allauth	CVE-2025-65430	not yet assigned	no
evolution-data-server	CVE-2026-2604	not yet assigned	?
fontforge	CVE-2025-15269	not yet assigned	no
	CVE-2025-15270	not yet assigned	no
	CVE-2025-15271	not yet assigned	no
	CVE-2025-15272	not yet assigned	no
	CVE-2025-15273	not yet assigned	no
	CVE-2025-15274	not yet assigned	no
	CVE-2025-15275	not yet assigned	no
	CVE-2025-15276	not yet assigned	no
	CVE-2025-15277	not yet assigned	no
	CVE-2025-15278	not yet assigned	no
	CVE-2025-15279	not yet assigned	no
	CVE-2025-15280	not yet assigned	no
frr	CVE-2025-61099	not yet assigned	no
	CVE-2025-61100	not yet assigned	no
	CVE-2025-61101	not yet assigned	no
	CVE-2025-61102	not yet assigned	no
	CVE-2025-61105	not yet assigned	no
gegl	CVE-2026-2049	not yet assigned	?
	CVE-2026-2050	not yet assigned	?
git-lfs	CVE-2025-26625	not yet assigned	no
gokey	CVE-2025-13353	not yet assigned	no
golang-1.24	CVE-2025-61728	not yet assigned	no
	CVE-2025-61730	not yet assigned	no
	CVE-2025-61731	not yet assigned	no
	CVE-2025-61732	not yet assigned	no
golang-github-go-git-go-git	CVE-2026-25934	not yet assigned	no
golang-github-pion-dtls.v2	CVE-2026-26014	not yet assigned	no
golang-go.crypto	CVE-2024-45337	not yet assigned	no
	CVE-2025-47913	not yet assigned	no
inetutils	TEMP-0000000-DBCA0A	not yet assigned	?
jackson-core	CVE-2025-52999	not yet assigned	no
jpeg-xl	CVE-2025-12474	not yet assigned	no
	CVE-2026-1837	not yet assigned	no
libvpx	CVE-2026-2447	not yet assigned	no
linux	CVE-2013-7445	not yet assigned	no
	CVE-2018-12928	low	no
	CVE-2019-15213	not yet assigned	no
	CVE-2019-16089	not yet assigned	no
	CVE-2019-19449	not yet assigned	no
	CVE-2019-19814	not yet assigned	no
	CVE-2019-20794	not yet assigned	no
	CVE-2020-14304	not yet assigned	no
	CVE-2020-36694	not yet assigned	no
	CVE-2021-3847	not yet assigned	no
	CVE-2021-3864	not yet assigned	no
	CVE-2023-3397	not yet assigned	no
	CVE-2023-4010	not yet assigned	no
	CVE-2023-6238	not yet assigned	no
	CVE-2023-6240	not yet assigned	no
	CVE-2023-31082	not yet assigned	no
	CVE-2023-37454	not yet assigned	no
	CVE-2024-2193	not yet assigned	no
	CVE-2024-21803	not yet assigned	no
	CVE-2024-24864	not yet assigned	no
	CVE-2024-25740	not yet assigned	no
	CVE-2024-52560	not yet assigned	no
	CVE-2024-56709	not yet assigned	no
	CVE-2024-58015	not yet assigned	no
	CVE-2024-58074	not yet assigned	no
	CVE-2024-58093	not yet assigned	no
	CVE-2024-58094	not yet assigned	no
	CVE-2024-58095	not yet assigned	no
	CVE-2025-21709	not yet assigned	no
	CVE-2025-21752	not yet assigned	no
	CVE-2025-21807	not yet assigned	no
	CVE-2025-21949	not yet assigned	no
	CVE-2025-22104	not yet assigned	no
	CVE-2025-22108	not yet assigned	no
	CVE-2025-22109	not yet assigned	no
	CVE-2025-22116	not yet assigned	no
	CVE-2025-22117	not yet assigned	no
	CVE-2025-22127	not yet assigned	no
	CVE-2025-23131	not yet assigned	no
	CVE-2025-23132	not yet assigned	no
	CVE-2025-23135	not yet assigned	no
	CVE-2025-37743	not yet assigned	no
	CVE-2025-37746	not yet assigned	no
	CVE-2025-37880	not yet assigned	no
	CVE-2025-37906	not yet assigned	no
	CVE-2025-38029	not yet assigned	no
	CVE-2025-38036	not yet assigned	no
	CVE-2025-38041	not yet assigned	no
	CVE-2025-38042	not yet assigned	no
	CVE-2025-38064	not yet assigned	no
	CVE-2025-38132	not yet assigned	no
	CVE-2025-38137	not yet assigned	no
	CVE-2025-38140	not yet assigned	no
	CVE-2025-38187	not yet assigned	no
	CVE-2025-38199	not yet assigned	no
	CVE-2025-38203	not yet assigned	no
	CVE-2025-38204	not yet assigned	no
	CVE-2025-38205	not yet assigned	no
	CVE-2025-38206	not yet assigned	no
	CVE-2025-38207	not yet assigned	no
	CVE-2025-38237	not yet assigned	no
	CVE-2025-38261	not yet assigned	no
	CVE-2025-38284	not yet assigned	no
	CVE-2025-38311	not yet assigned	no
	CVE-2025-38359	not yet assigned	no
	CVE-2025-38421	not yet assigned	no
	CVE-2025-38426	not yet assigned	no
	CVE-2025-38584	not yet assigned	no
	CVE-2025-38597	not yet assigned	no
	CVE-2025-38605	not yet assigned	no
	CVE-2025-38621	not yet assigned	no
	CVE-2025-38627	not yet assigned	no
	CVE-2025-38636	not yet assigned	no
	CVE-2025-39677	not yet assigned	no
	CVE-2025-39762	not yet assigned	no
	CVE-2025-39764	not yet assigned	no
	CVE-2025-39775	not yet assigned	no
	CVE-2025-39789	not yet assigned	no
	CVE-2025-39830	not yet assigned	no
	CVE-2025-39833	not yet assigned	no
	CVE-2025-39834	not yet assigned	no
	CVE-2025-39859	not yet assigned	no
	CVE-2025-39862	not yet assigned	no
	CVE-2025-39910	not yet assigned	no
	CVE-2025-39925	not yet assigned	no
	CVE-2025-39933	not yet assigned	no
	CVE-2025-39958	not yet assigned	no
	CVE-2025-40005	not yet assigned	no
	CVE-2025-40025	not yet assigned	no
	CVE-2025-40054	not yet assigned	no
	CVE-2025-40064	not yet assigned	no
	CVE-2025-40065	not yet assigned	no
	CVE-2025-40074	not yet assigned	no
	CVE-2025-40086	not yet assigned	no
	CVE-2025-40098	not yet assigned	no
	CVE-2025-40102	not yet assigned	no
	CVE-2025-40113	not yet assigned	no
	CVE-2025-40130	not yet assigned	no
	CVE-2025-40135	not yet assigned	no
	CVE-2025-40136	not yet assigned	no
	CVE-2025-40139	not yet assigned	no
	CVE-2025-40146	not yet assigned	no
	CVE-2025-40147	not yet assigned	no
	CVE-2025-40150	not yet assigned	no
	CVE-2025-40158	not yet assigned	no
	CVE-2025-40168	not yet assigned	no
	CVE-2025-40217	not yet assigned	no
	CVE-2025-40247	not yet assigned	no
	CVE-2025-40338	not yet assigned	no
	CVE-2025-40355	not yet assigned	no
	CVE-2025-68174	not yet assigned	no
	CVE-2025-68175	not yet assigned	no
	CVE-2025-68193	not yet assigned	no
	CVE-2025-68209	not yet assigned	no
	CVE-2025-68236	not yet assigned	no
	CVE-2025-68239	not yet assigned	no
	CVE-2025-68251	not yet assigned	no
	CVE-2025-68304	not yet assigned	no
	CVE-2025-68318	not yet assigned	no
	CVE-2025-68319	not yet assigned	no
	CVE-2025-68334	not yet assigned	no
	CVE-2025-68353	not yet assigned	no
	CVE-2025-68359	not yet assigned	no
	CVE-2025-68360	not yet assigned	no
	CVE-2025-68368	not yet assigned	no
	CVE-2025-68376	not yet assigned	no
	CVE-2025-68729	not yet assigned	no
	CVE-2025-68730	not yet assigned	no
	CVE-2025-68735	not yet assigned	no
	CVE-2025-68736	not yet assigned	no
	CVE-2025-68745	not yet assigned	no
	CVE-2025-68751	not yet assigned	no
	CVE-2025-68755	not yet assigned	no
	CVE-2025-68768	not yet assigned	no
	CVE-2025-71074	not yet assigned	no
	CVE-2025-71117	not yet assigned	no
	CVE-2025-71141	not yet assigned	no
	CVE-2025-71152	not yet assigned	no
	CVE-2025-71161	not yet assigned	no
	CVE-2025-71202	not yet assigned	no
	CVE-2025-71221	not yet assigned	no
	CVE-2025-71226	not yet assigned	no
	CVE-2025-71227	not yet assigned	no
	CVE-2025-71230	not yet assigned	no
	CVE-2026-22981	not yet assigned	no
	CVE-2026-22985	not yet assigned	no
	CVE-2026-22986	not yet assigned	no
	CVE-2026-22993	not yet assigned	no
	CVE-2026-23004	not yet assigned	no
	CVE-2026-23007	not yet assigned	no
	CVE-2026-23017	not yet assigned	no
	CVE-2026-23066	not yet assigned	no
	CVE-2026-23070	not yet assigned	no
	CVE-2026-23100	not yet assigned	no
	CVE-2026-23102	not yet assigned	no
	CVE-2026-23104	not yet assigned	no
	CVE-2026-23137	not yet assigned	no
	CVE-2026-23138	not yet assigned	no
	CVE-2026-23152	not yet assigned	no
	CVE-2026-23157	not yet assigned	no
	CVE-2026-23171	not yet assigned	no
	CVE-2026-23207	not yet assigned	no
	CVE-2026-23208	not yet assigned	no
	CVE-2026-23210	not yet assigned	no
	CVE-2026-23217	not yet assigned	no
	CVE-2026-23221	not yet assigned	no
	CVE-2026-23225	not yet assigned	no
	CVE-2026-23226	not yet assigned	no
	CVE-2026-23227	not yet assigned	no
logback	CVE-2026-1225	not yet assigned	no
lrzip	CVE-2025-15570	not yet assigned	no
lxd	CVE-2026-23953	not yet assigned	no
	CVE-2026-23954	not yet assigned	no
minisat2	CVE-2026-2644	not yet assigned	no
netty	CVE-2025-55163	not yet assigned	no
	CVE-2025-58056	not yet assigned	no
	CVE-2025-58057	not yet assigned	no
	CVE-2025-59419	not yet assigned	no
	CVE-2025-67735	not yet assigned	no
nltk	CVE-2025-14009	not yet assigned	no
node-brace-expansion	CVE-2026-25547	not yet assigned	no
node-elliptic	CVE-2025-14505	not yet assigned	no
node-tar	CVE-2026-23745	not yet assigned	no
nodejs	CVE-2025-55130	not yet assigned	no
	CVE-2025-55131	not yet assigned	no
	CVE-2025-55132	not yet assigned	no
	CVE-2025-59465	not yet assigned	no
	CVE-2025-59466	not yet assigned	no
	CVE-2026-21637	not yet assigned	no
nova	CVE-2026-24708	not yet assigned	no
openbabel	CVE-2026-2704	not yet assigned	?
	CVE-2026-2705	not yet assigned	?
openfoam	CVE-2025-61982	not yet assigned	no
orthanc	CVE-2025-15581	not yet assigned	no
pdfminer	CVE-2025-70559	not yet assigned	no
pillow	CVE-2026-25990	not yet assigned	no
python-aiohttp	CVE-2025-69223	not yet assigned	no
	CVE-2025-69224	not yet assigned	no
	CVE-2025-69225	not yet assigned	no
	CVE-2025-69226	not yet assigned	no
	CVE-2025-69227	not yet assigned	no
	CVE-2025-69228	not yet assigned	no
	CVE-2025-69229	not yet assigned	no
	CVE-2025-69230	not yet assigned	no
python-authlib	CVE-2025-68158	not yet assigned	no
python-cryptography	CVE-2026-26007	not yet assigned	no
python-django	CVE-2025-13473	not yet assigned	no
	CVE-2025-14550	not yet assigned	no
	CVE-2026-1207	not yet assigned	no
	CVE-2026-1285	not yet assigned	no
	CVE-2026-1287	not yet assigned	no
	CVE-2026-1312	not yet assigned	no
python-geopandas	CVE-2025-69662	not yet assigned	no
python-tornado	CVE-2025-67724	not yet assigned	no
	CVE-2025-67725	not yet assigned	no
	CVE-2025-67726	not yet assigned	no
python3.13	CVE-2025-11468	not yet assigned	no
	CVE-2025-15282	not yet assigned	no
	CVE-2025-15366	not yet assigned	no
rtpengine	CVE-2025-53399	not yet assigned	no
ruby-rack	CVE-2026-22860	not yet assigned	no
	CVE-2026-25500	not yet assigned	no
runc	CVE-2025-31133	not yet assigned	no
	CVE-2025-52565	not yet assigned	no
	CVE-2025-52881	not yet assigned	no
rust-rpm-sequoia	CVE-2026-2625	not yet assigned	?
squirrel3	CVE-2026-2659	not yet assigned	no
	CVE-2026-2661	not yet assigned	no
tomcat11	CVE-2026-24734	not yet assigned	no
universal-ctags	CVE-2026-2641	not yet assigned	no
vega.js	CVE-2025-26619	not yet assigned	no
	CVE-2025-27793	not yet assigned	no
	CVE-2025-59840	not yet assigned	no
	CVE-2025-65110	not yet assigned	no
	CVE-2025-66648	not yet assigned	no
wheel	CVE-2026-24049	not yet assigned	no

If a "*" is included in the urgency field, no DSA is planned for this vulnerability.

If a "**" is included, the urgency field was automatically assigned by the NVD (National Vulnerability Database). Note that this rating is automatically derived from a set of known factors about the issue (such as access complexity, confidentiality impact, exploitability, remediation level, and others). Human intervention is involved in determining the values of these factors, but the rating itself comes from a fully automated formula.