Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8ddd40c3 by security tracker role at 2026-02-27T08:14:18+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2026-3302 (A weakness has been identified in SourceCodester Doctor
Appointment Sy ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-3301 (A security flaw has been discovered in Totolink N300RH
6.1c.1353_B2019 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-3293 (A weakness has been identified in snowflakedb snowflake-jdbc up
to 4.0 ...)
TODO: check
CVE-2026-3292 (A security vulnerability has been detected in jizhiCMS up to
2.5.6. Af ...)
@@ -23,15 +23,15 @@ CVE-2026-3282 (A flaw has been found in libvips 8.19.0.
This vulnerability affec
CVE-2026-3281 (A vulnerability was detected in libvips 8.19.0. This affects
the funct ...)
TODO: check
CVE-2026-3275 (A weakness has been identified in Tenda F453 1.0.0.3. This
affects the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3274 (A security flaw has been discovered in Tenda F453 1.0.0.3.
Affected by ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3273 (A vulnerability was identified in Tenda F453 1.0.0.3. Affected
by this ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3272 (A vulnerability was determined in Tenda F453 1.0.0.3. Affected
is the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3271 (A vulnerability was found in Tenda F453 1.0.0.3. This impacts
the func ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3270 (A vulnerability has been found in psi-probe PSI Probe up to
5.3.0. Thi ...)
TODO: check
CVE-2026-3269 (A flaw has been found in psi-probe PSI Probe up to 5.3.0. The
impacted ...)
@@ -47,11 +47,11 @@ CVE-2026-3263 (A vulnerability was found in go2ismail
Asp.Net-Core-Inventory-Ord
CVE-2026-3262 (A vulnerability has been found in go2ismail
Asp.Net-Core-Inventory-Ord ...)
TODO: check
CVE-2026-3261 (A flaw has been found in itsourcecode School Management System
1.0. Th ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-3037 (An OS command injection vulnerability exists in XWEB Pro
version 1.12. ...)
TODO: check
CVE-2026-2428 (The Fluent Forms Pro Add On Pack plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-28370 (In the query parser in OpenStack Vitrage before 12.0.1,
13.0.0, 14.0.0 ...)
TODO: check
CVE-2026-28364 (In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer
over-read in Mar ...)
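Review bot: The label added for CVE-2026-3261, "NOT-FOR-US: itsourcecode System", looks like a truncated product name. The description on that entry reads "itsourcecode School Management System", and the other entries in this commit use a vendor or product name alone ("SourceCodester", "Tenda"). Suggest "NOT-FOR-US: itsourcecode School Management System" or the vendor name alone. Since the commit message says these entries are generated automatically, the matching rule that produced this label is worth a look as well.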
@@ -73,15 +73,15 @@ CVE-2026-28269 (Kiteworks is a private data network (PDN).
Prior to version 9.2.
CVE-2026-28230 (SteVe is an open-source EV charging station management system.
In vers ...)
TODO: check
CVE-2026-28227 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-28226 (Phishing Club is a phishing simulation and man-in-the-middle
framework ...)
TODO: check
CVE-2026-28225 (Manyfold is an open source, self-hosted web application for
managing a ...)
TODO: check
CVE-2026-28219 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-28218 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-28217 (hoppscotch is an open source API development ecosystem. Prior
to versi ...)
TODO: check
CVE-2026-28216 (hoppscotch is an open source API development ecosystem. Prior
to versi ...)
@@ -121,25 +121,25 @@ CVE-2026-27638 (Actual is a local-first personal finance
tool. Prior to version
CVE-2026-27457 (Weblate is a web based localization tool. Prior to version
5.16.1, the ...)
TODO: check
CVE-2026-27449 (Umbraco Engage is a business intelligence platform. A
vulnerability ha ...)
- TODO: check
+ NOT-FOR-US: Umbraco CMS
CVE-2026-27162 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-27154 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-27153 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-27152 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-27151 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-27150 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-27149 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-27028 (WebSocket endpoints lack proper authentication mechanisms,
enabling a ...)
TODO: check
CVE-2026-27021 (Discourse is an open source discussion platform. Prior to
versions 202 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-26305 (The WebSocket Application Programming Interface lacks
restrictions on ...)
TODO: check
CVE-2026-26290 (The WebSocket backend uses charging station identifiers to
uniquely a ...)
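Review bot: CVE-2026-27449 is tagged "NOT-FOR-US: Umbraco CMS", but its description names the affected product as Umbraco Engage, "a business intelligence platform". Suggest "NOT-FOR-US: Umbraco Engage" so the label matches the product in the description and a later search for the CMS does not pick up this entry.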
@@ -233,9 +233,9 @@ CVE-2026-20742 (An OS command injection vulnerability
exists in XWEB Pro versi
CVE-2026-20733 (Charging station authentication identifiers are publicly
accessible vi ...)
TODO: check
CVE-2026-1585 (An unquoted Windows service executable path vulnerability in IJ
Scan U ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2026-1558 (The WP Recipe Maker plugin for WordPress is vulnerable to an
Insecure ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1442 (Since the encryption algorithm used to protect firmware updates
is its ...)
TODO: check
CVE-2025-15567 (Insufficient protection mechanisms in the Health Module may
lead to pa ...)
@@ -243,11 +243,11 @@ CVE-2025-15567 (Insufficient protection mechanisms in the
Health Module may lead
CVE-2025-15509 (TheSmartRemote module has insufficient restrictions on loading
URLs, w ...)
TODO: check
CVE-2025-14149 (The Xpro Addons \u2014 140+ Widgets for Elementor plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14040 (The Automotive Car Dealership Business WordPress Theme for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12981 (The Listee theme for WordPress is vulnerable to privilege
escalation i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31364 (Improper handling of direct memory writes in the input-output
memory m ...)
TODO: check
CVE-2026-XXXX [rashes Opus buffer overruns]
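Review bot: CVE-2025-14040 and CVE-2025-12981 are tagged "NOT-FOR-US: WordPress plugin", but their descriptions say "WordPress Theme" and "Listee theme for WordPress". Suggest "NOT-FOR-US: WordPress theme" for those two entries. Of the three labels added in this hunk, the plugin label matches only CVE-2025-14149, whose description says "plugin for WordPress".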
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ddd40c357390c141460865541bacb685c556ce8