Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0637b0c7 by security tracker role at 2026-02-11T08:13:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2026-26079 (Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows
Cascading ...)
+ TODO: check
+CVE-2026-26044
+ REJECTED
+CVE-2026-26043
+ REJECTED
+CVE-2026-26042
+ REJECTED
+CVE-2026-26041
+ REJECTED
+CVE-2026-26040
+ REJECTED
+CVE-2026-26039
+ REJECTED
+CVE-2026-26038
+ REJECTED
+CVE-2026-26037
+ REJECTED
+CVE-2026-26036
+ REJECTED
+CVE-2026-26013 (LangChain is a framework for building agents and LLM-powered
applicati ...)
+ TODO: check
+CVE-2026-26007 (cryptography is a package designed to expose cryptographic
primitives ...)
+ TODO: check
+CVE-2026-26006 (AutoGPT is a platform that allows users to create, deploy, and
manage ...)
+ TODO: check
+CVE-2026-25872 (JUNG Smart Panel KNX firmware version L1.12.22 and prior
contain an un ...)
+ TODO: check
+CVE-2026-25870 (DoraCMS version 3.1 and prior contains a server-side request
forgery ( ...)
+ TODO: check
+CVE-2026-25251
+ REJECTED
+CVE-2026-1893 (The Orbisius Random Name Generator plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2026-1763 (Vulnerability in GE Vernova Enervista UR Setup on Windows.This
issue a ...)
+ TODO: check
+CVE-2026-1762 (A vulnerability in GE Vernova Enervista UR Setup on Windows
allows Fil ...)
+ TODO: check
+CVE-2026-1571 (User-controlled input is reflected into the HTML output without
proper ...)
+ TODO: check
+CVE-2026-1507 (The affected products are vulnerable to an uncaught exception
that cou ...)
+ TODO: check
+CVE-2026-1495 (The vulnerability, if exploited, could allow an attacker with
Event Lo ...)
+ TODO: check
+CVE-2026-1357 (The Migration, Backup, Staging \u2013 WPvivid Backup &
Migration plugi ...)
+ TODO: check
+CVE-2026-1235 (The WP eCommerce WordPress plugin through 3.15.1 unserializes
user inp ...)
+ TODO: check
+CVE-2026-1231 (The Beaver Builder Page Builder \u2013 Drag and Drop Website
Builder p ...)
+ TODO: check
+CVE-2025-15524 (The Gallery by FooGallery plugin for WordPress is vulnerable
to unauth ...)
+ TODO: check
+CVE-2025-15400 (The Pix para Woocommerce WordPress plugin through 2.13.3
allows any a ...)
+ TODO: check
+CVE-2025-14541 (The Lucky Wheel Giveaway plugin for WordPress is vulnerable to
Remote ...)
+ TODO: check
+CVE-2025-13431 (The SlimStat Analytics plugin for WordPress is vulnerable to
time-base ...)
+ TODO: check
+CVE-2025-12699 (The ZOLL ePCR IOS application reflects unsanitized user input
into a W ...)
+ TODO: check
+CVE-2025-10912 (Authorization Bypass Through User-Controlled Key vulnerability
in Saas ...)
+ TODO: check
CVE-2026-2272 [ICO import integer overflow bypass leads to heap buffer
overflow]
- gimp <unfixed>
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15617
@@ -1138,7 +1200,7 @@ CVE-2026-25859 (Wekan versions prior to 8.20 allow
non-administrative users to a
- wekan <itp> (bug #819238)
CVE-2026-25858 (macrozheng mall version 1.0.3 and prior contains an
authentication vul ...)
NOT-FOR-US: macrozheng mall
-CVE-2026-25857 (Tenda G300-F router firmware versio 16.01.14.2 and prior
contain an OS ...)
+CVE-2026-25857 (Tenda G300-F router firmware version 16.01.14.2 and prior
contain an O ...)
NOT-FOR-US: Tenda
CVE-2026-25568 (WeKan versions prior to 8.19 contain an authorization logic
vulnerabil ...)
- wekan <itp> (bug #819238)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0637b0c76ca1cb7c878a4f3751f65202310e4e0c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0637b0c76ca1cb7c878a4f3751f65202310e4e0c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
