Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9a1cb467 by security tracker role at 2026-02-06T08:13:48+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2026-2010 (A vulnerability has been found in Sanluan PublicCMS up to
4.0.202506.d ...)
TODO: check
CVE-2026-2009 (A flaw has been found in SourceCodester Gas Agency Management
System 1 ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-2008 (A vulnerability was detected in abhiphile fermat-mcp up to
47f11def1cd ...)
TODO: check
CVE-2026-2000 (A vulnerability was found in DCN DCME-320 up to 20260121.
Impacted is ...)
@@ -29,7 +29,7 @@ CVE-2026-24300 (Azure Front Door Elevation of Privilege
Vulnerability)
CVE-2026-23623 (Collabora Online is a collaborative online office suite based
on Libre ...)
TODO: check
CVE-2026-21626 (Access control settings for forum post custom fields are not
applied t ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2026-21532 (Azure Function Information Disclosure Vulnerability)
TODO: check
CVE-2026-1998 (A flaw has been found in micropython up to 1.27.0. This
vulnerability ...)
@@ -65,25 +65,25 @@ CVE-2026-1963 (A vulnerability was found in WeKan up to
8.20. This affects an un
CVE-2026-1962 (A vulnerability has been found in WeKan up to 8.20. The
impacted eleme ...)
TODO: check
CVE-2026-1909 (The WaveSurfer-WP plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1888 (The Docus \u2013 YouTube Video Playlist plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1808 (The Orange Confort+ accessibility toolbar for WordPress plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1401 (The Tune Library plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1279 (The Employee Directory plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1228 (The Timeline Block \u2013 Beautiful Timeline Builder for
WordPress (Ve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0598 (A security flaw was identified in the Ansible Lightspeed API
conversat ...)
TODO: check
CVE-2026-0521 (A reflected cross-site scripting (XSS) vulnerability in the PDF
export ...)
TODO: check
CVE-2026-0391 (User interface (ui) misrepresentation of critical information
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-0106 (In vpu_mmap of vpu_ioctl, there is a possible arbitrary address
mmap d ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-68458 (Webpack is a module bundler. From version 5.49.0 to before
5.104.1, wh ...)
TODO: check
CVE-2025-68157 (Webpack is a module bundler. From version 5.49.0 to before
5.104.0, wh ...)
@@ -93,9 +93,9 @@ CVE-2025-32393 (AutoGPT is a platform that allows users to
create, deploy, and m
CVE-2025-15566 (A security issue was discovered in ingress-nginxwhere the
`nginx.ingre ...)
TODO: check
CVE-2025-12131 (A truncated 802.15.4 packet can lead to an assert, resulting
in a deni ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-10753 (The OAuth Single Sign On \u2013 SSO (OAuth Client) plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-25630
REJECTED
CVE-2026-23797 (In Quick.Cart user passwords are stored in plaintext form. An
attacker ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a1cb467efabd4abf3383de8e63fdd87fd41a372
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a1cb467efabd4abf3383de8e63fdd87fd41a372
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
