Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1481f9d2 by security tracker role at 2026-01-28T08:14:22+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,7 +55,7 @@ CVE-2026-24770 (RAGFlow is an open-source RAG
(Retrieval-Augmented Generation) e
CVE-2026-24765 (PHPUnit is a testing framework for PHP. A vulnerability has
been disco ...)
TODO: check
CVE-2026-24748 (Kargo manages and automates the promotion of software
artifacts. Prior ...)
- TODO: check
+ NOT-FOR-US: Argo CD
CVE-2026-24747 (PyTorch is a Python package that provides tensor computation.
Prior to ...)
TODO: check
CVE-2026-24741 (ConvertXis a self-hosted online file converter. In versions
prior to 0 ...)
@@ -71,71 +71,71 @@ CVE-2026-24134 (StudioCMS is a server-side-rendered, Astro
native, headless cont
CVE-2026-23830 (SandboxJS is a JavaScript sandboxing library. Versions prior
to 0.8.26 ...)
TODO: check
CVE-2026-21569 (This High severity XXE (XML External Entity Injection)
vulnerability w ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2026-1514 (Official Document Management System developed by 2100
Technology has a ...)
TODO: check
CVE-2026-1513 (billboard.js before 3.18.0 allows an attacker to execute
malicious Jav ...)
TODO: check
CVE-2026-1506 (A vulnerability was determined in D-Link DIR-615 4.10. Impacted
is an ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-1505 (A vulnerability was found in D-Link DIR-615 4.10. This issue
affects s ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-1466 (Jirafeau normally prevents browser preview for text files due
to the p ...)
TODO: check
CVE-2026-1389 (The Document Embedder \u2013 Embed PDFs, Word, Excel, and Other
Files ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1310 (The Simple calendar for Elementor plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1298 (The Easy Replace Image plugin for WordPress is vulnerable to
Missing A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1295 (The Buy Now Plus \u2013 Buy Now buttons for Stripe plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1244 (The Forms Bridge \u2013 Infinite integrations plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1083 (The Appointment Hour Booking \u2013 Booking Calendar plugin for
WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1054 (The RegistrationMagic plugin for WordPress is vulnerable to
Missing Au ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0832 (The New User Approve plugin for WordPress is vulnerable to
unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0825 (The Database for Contact Form 7, WPforms, Elementor forms
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0818 (CSS-based exfiltration of the content from partially encrypted
emails ...)
TODO: check
CVE-2025-9082 (The WPBITS Addons For Elementor plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8072 (The Target Video Easy Publish plugin for WordPress is
vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-67645 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2025-55292 (Meshtastic is an open source mesh networking solution. In the
current ...)
TODO: check
CVE-2025-54373 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2025-40554 (SolarWinds Web Help Desk was found to be susceptible to an
authenticat ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-40553 (SolarWinds Web Help Desk was found to be susceptible to an
untrusted d ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-40552 (SolarWinds Web Help Desk was found to be susceptible to an
authenticat ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-40551 (SolarWinds Web Help Desk was found to be susceptible to an
untrusted d ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-40537 (SolarWinds Web Help Desk was found to be susceptible to a
hardcoded cr ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-40536 (SolarWinds Web Help Desk was found to be susceptible to a
security con ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-21589 (An Authentication Bypass Using an Alternate Path or Channel
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-14988 (A security issue has been identified in ibaPDA that could
allow unauth ...)
TODO: check
CVE-2025-14610 (The TableMaster for Elementor plugin for WordPress is
vulnerable to Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14039 (The Simple Folio plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13471 (The User Activity Log WordPress plugin through 2.2 does not
properly h ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12709 (The Interactions \u2013 Create Interactive Experiences in the
Block Ed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1504 (Inappropriate implementation in Background Fetch API in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1481f9d2b3021bb641deb951cea25c430732abba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1481f9d2b3021bb641deb951cea25c430732abba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
