Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bbc186e8 by security tracker role at 2026-02-25T20:14:18+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2026-3221 (Sensitive  user account information is not encrypted in the 
database i ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2026-3206 (Improper Resource Shutdown or Release vulnerability in KrakenD, 
SLU Kr ...)
        TODO: check
 CVE-2026-3203 (RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 
4.6.3 and ...)
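Review bot: the NOT-FOR-US: Devolutions tag on CVE-2026-3221 names only a vendor, and the truncated description shown here ("Sensitive user account information is not encrypted in the database i ...") does not identify the product, so the classification cannot be checked from the diff alone. Because this is an automatic update, confirm against the full CVE description that the affected product is not packaged before the TODO: check marker is dropped.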
@@ -27,33 +27,33 @@ CVE-2026-3186 (A vulnerability was determined in 
feiyuchuixue sz-boot-parent up
 CVE-2026-3185 (A vulnerability was found in feiyuchuixue sz-boot-parent up to 
1.3.2-b ...)
        TODO: check
 CVE-2026-3171 (A flaw has been found in SourceCodester/Patrick Mvuma Patients 
Waiting ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-3118 (A security flaw was identified in the Orchestrator Plugin of 
Red Hat D ...)
        TODO: check
 CVE-2026-2878 (In Progress\xae Telerik\xae UI for AJAX, versions prior to 
2026.1.225, ...)
-       TODO: check
+       NOT-FOR-US: Progress Software
 CVE-2026-2636 (This vulnerability is caused by a CWE\u2011159: "Improper 
Handling of  ...)
-       TODO: check
+       NOT-FOR-US: Fortra
 CVE-2026-2624 (Missing Authentication for Critical Function vulnerability in 
ePati Cy ...)
        TODO: check
 CVE-2026-2479 (The Responsive Lightbox & Gallery plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2416 (The Geo Mashup plugin for WordPress is vulnerable to SQL 
Injection via ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2410 (The Disable Admin Notices \u2013 Hide Dashboard Notifications 
plugin f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2367 (The Secure Copy Content Protection and Content Locking plugin 
for Word ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2301 (The Post Duplicator plugin for WordPress is vulnerable to 
unauthorized ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-28196 (In JetBrains TeamCity before 2025.11.3 disabling versioned 
settings le ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2026-28195 (In JetBrains TeamCity before 2025.11.3 missing authorization 
allowed p ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2026-28194 (In JetBrains TeamCity before 2025.11.3 open redirect was 
possible in t ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2026-28193 (In JetBrains YouTrack before 2025.3.121962 apps were able to 
send requ ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2026-27850 (Due to an improperly configured firewall rule, the router will 
accept  ...)
        TODO: check
 CVE-2026-27849 (Due to missing neutralization of special elements, OS commands 
can be  ...)
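Review bot: the context lines for CVE-2026-2878, CVE-2026-2636 and CVE-2026-2410 carry literal escape sequences (\xae, \u2011, \u2013) in their descriptions. If these are stored that way in data/CVE/list rather than produced by the notification mail, the descriptions should be kept as UTF-8 so that they read as intended and match plain-text searches.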
@@ -107,39 +107,39 @@ CVE-2026-26104 (A flaw was found in the udisks storage 
management daemon that al
 CVE-2026-26103 (A flaw was found in the udisks storage management daemon that 
exposes  ...)
        TODO: check
 CVE-2026-25930 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25929 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25927 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25746 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25743 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25701 (An Insecure Temporary File vulnerability in openSUSE 
sdbootutil allows ...)
        TODO: check
 CVE-2026-25554 (OpenSIPS versions 3.1 before 3.6.4 containing the auth_jwt 
module (pri ...)
        TODO: check
 CVE-2026-25476 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25220 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25164 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-25138 (Rucio is a software framework that provides functionality to 
organize, ...)
        TODO: check
 CVE-2026-25136 (Rucio is a software framework that provides functionality to 
organize, ...)
        TODO: check
 CVE-2026-24908 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-24890 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-24487 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-24005 (Kruise provides automated management of large-scale 
applications on Ku ...)
        TODO: check
 CVE-2026-23627 (OpenEMR is a free and open source electronic health records 
and medica ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2026-22866 (Ethereum Name Service (ENS) is a distributed, open, and 
extensible nam ...)
        TODO: check
 CVE-2026-22720 (VMware Aria Operations contains a stored cross-site scripting 
vulnerab ...)
@@ -147,21 +147,21 @@ CVE-2026-22720 (VMware Aria Operations contains a stored 
cross-site scripting vu
 CVE-2026-22719 (VMware Aria Operations contains a command injection 
vulnerability. A m ...)
        TODO: check
 CVE-2026-21902 (An Incorrect Permission Assignment for Critical Resource 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Juniper
 CVE-2026-21725 (A time-of-create-to-time-of-use (TOCTOU) vulnerability lets 
recently d ...)
        TODO: check
 CVE-2026-20133 (A vulnerability in Cisco Catalyst SD-WAN Manager could allow 
an unauth ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20129 (A vulnerability in the API user authentication of Cisco 
Catalyst SD-WA ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20128 (A vulnerability in the Data Collection Agent (DCA) feature of 
Cisco Ca ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20127 (A vulnerability in the peering authentication in Cisco 
Catalyst SD-WAN ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20126 (A vulnerability in Cisco Catalyst SD-WAN Manager could allow 
an authen ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20122 (A vulnerability in the API of Cisco Catalyst SD-WAN Manager 
could allo ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20107 (A vulnerability in the Object Model CLI component of Cisco 
Application ...)
        TODO: check
 CVE-2026-20099 (A vulnerability in the web-based management interface of Cisco 
FXOS So ...)
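Review bot: the six Cisco Catalyst SD-WAN entries (CVE-2026-20133 through CVE-2026-20122) receive NOT-FOR-US: Cisco, but CVE-2026-20107, whose description also names a Cisco product ("Object Model CLI component of Cisco Application ..."), stays at TODO: check in the same hunk. If that entry is deliberately held back for manual triage, a short note saying so would help; otherwise the automatic update is tagging entries from the same vendor inconsistently and the remaining ones should be reviewed together.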
@@ -169,29 +169,29 @@ CVE-2026-20099 (A vulnerability in the web-based 
management interface of Cisco F
 CVE-2026-20091 (A vulnerability in the web-based management interface of Cisco 
FXOS So ...)
        TODO: check
 CVE-2026-20051 (A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress 
packet pr ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20048 (A vulnerability in the Simple Network Management Protocol 
(SNMP) subsy ...)
        TODO: check
 CVE-2026-20037 (A vulnerability in the NX-OS CLI privilege levels of Cisco UCS 
Manager ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20036 (A vulnerability in the CLI and web-based management interface 
of Cisco ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2026-20033 (A vulnerability in Cisco Nexus 9000 Series Fabric Switches in 
ACI mode ...)
        TODO: check
 CVE-2026-20010 (A vulnerability in the Link Layer Discovery Protocol (LLDP) 
feature of ...)
        TODO: check
 CVE-2026-1929 (The Advanced Woo Labels plugin for WordPress is vulnerable to 
Remote C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1916 (The WPGSI: Spreadsheet Integration plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0704 (In affected version of Octopus Deploy it was possible to remove 
files  ...)
-       TODO: check
+       NOT-FOR-US: Octopus Deploy
 CVE-2025-69771 (An arbitrary file upload vulnerability in the subtitle loading 
functio ...)
        TODO: check
 CVE-2025-67860 (A vulnerability has been identified in the NeuVector scanner 
where the ...)
        TODO: check
 CVE-2025-67601 (A vulnerability has been identified within Rancher Manager, 
where usin ...)
-       TODO: check
+       NOT-FOR-US: SUSE
 CVE-2025-62878 (A malicious user can manipulate the parameters.pathPatternto 
create Pe ...)
        TODO: check
 CVE-2025-50180 (esm.sh is a no-build content delivery network (CDN) for web 
developmen ...)
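Review bot: CVE-2025-67601 is tagged NOT-FOR-US: SUSE although its description names Rancher Manager. A product-level tag would be more specific and easier to audit, as the Octopus Deploy tag on CVE-2026-0704 in this hunk is; the vendor-only label does not say which product was judged to be out of scope.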
@@ -201,7 +201,7 @@ CVE-2025-3525 (GitLab has remediated an issue in GitLab 
CE/EE affecting all vers
 CVE-2025-1242 (The administrative credentials can be extracted through 
application AP ...)
        TODO: check
 CVE-2025-14742 (The WP Recipe Maker plugin for WordPress is vulnerable to 
unauthorized ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14103 (GitLab has remediated an issue in GitLab CE/EE affecting all 
versions  ...)
        TODO: check
 CVE-2026-27015



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbc186e833d3405d4b59cb0025ceaeeaea4dc154
