[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Tue, 03 Mar 2026 00:13:40 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2148c859 by security tracker role at 2026-03-03T08:13:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2026-3455 (Versions of the package mailparser before 3.9.3 are vulnerable 
to Cros ...)
+       TODO: check
+CVE-2026-3449 (Versions of the package @tootallnate/once before 3.0.1 are 
vulnerable  ...)
+       TODO: check
+CVE-2026-3338 (Improper signature validation in PKCS7_verify() in AWS-LC 
allows an un ...)
+       TODO: check
+CVE-2026-3337 (Observable timing discrepancy in AES-CCM decryption in AWS-LC 
allows a ...)
+       TODO: check
+CVE-2026-3336 (Improper certificate validation in PKCS7_verify() in AWS-LC 
allows an  ...)
+       TODO: check
+CVE-2026-2628 (The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login 
plugin fo ...)
+       TODO: check
+CVE-2026-2583 (The Blocksy theme for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
+       TODO: check
+CVE-2026-2448 (The Page Builder by SiteOrigin plugin for WordPress is 
vulnerable to L ...)
+       TODO: check
+CVE-2026-2269 (The Uncanny Automator \u2013 Easy Automation, Integration, 
Webhooks &  ...)
+       TODO: check
+CVE-2026-2256 (A command injection vulnerability in ModelScope's ms-agent 
versions v1 ...)
+       TODO: check
+CVE-2026-20801 (Cleartext Transmission of Sensitive Information (CWE-319) ina 
componen ...)
+       TODO: check
+CVE-2026-20757 (Improper Lockingvulnerability (CWE-667) inGallagher Morpho 
integration ...)
+       TODO: check
+CVE-2026-1876 (Improper Resource Shutdown or Release vulnerability in 
Mitsubishi Elec ...)
+       TODO: check
+CVE-2026-1875 (Improper Resource Shutdown or Release vulnerability in 
Mitsubishi Elec ...)
+       TODO: check
+CVE-2026-1874 (Always-Incorrect Control Flow Implementation vulnerability in 
Mitsubis ...)
+       TODO: check
+CVE-2026-1566 (The LatePoint \u2013 Calendar Booking Plugin for Appointments 
and Even ...)
+       TODO: check
+CVE-2026-1492 (The User Registration & Membership \u2013 Custom Registration 
Form Bui ...)
+       TODO: check
+CVE-2026-1487 (The LatePoint \u2013 Calendar Booking Plugin for Appointments 
and Even ...)
+       TODO: check
+CVE-2026-1336 (The AI ChatBot with ChatGPT and Content Generator by AYS plugin 
for Wo ...)
+       TODO: check
+CVE-2026-0754 (An embedded test key and certificate could be extracted from a 
Poly Vo ...)
+       TODO: check
+CVE-2025-47147 (Cleartext Storage of Sensitive Information (CWE-312) in the 
Command Ce ...)
+       TODO: check
+CVE-2025-15595 (Privilege escalation via dll hijacking in Inno Setup 6.2.1 and 
ealier  ...)
+       TODO: check
+CVE-2025-12345 (A security vulnerability has been detected in LLM-Claw 
0.1.0/0.1.1/0.1 ...)
+       TODO: check
 CVE-2026-3442
        - binutils <unfixed> (unimportant)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443828
@@ -31306,7 +31352,7 @@ CVE-2025-11009 (Cleartext Storage of Sensitive 
Information vulnerability in Mits
 CVE-2025-0852
        REJECTED
 CVE-2025-14180 (In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 
8.3.* before ...)
-       {DSA-6088-1}
+       {DSA-6154-1 DSA-6088-1}
        - php8.4 8.4.16-1 (bug #1123574)
        - php8.2 <removed>
        - php7.4 <not-affected> (Vulnerable code introduced later)
@@ -31314,7 +31360,7 @@ CVE-2025-14180 (In PHP versions 8.1.* before 8.1.34, 
8.2.* before 8.2.30, 8.3.*
        NOTE: Fixed by: 
https://github.com/php/php-src/commit/d521259e44288146aa3dc692bdf234cf45a4bd86 
(php-8.4.16)
        NOTE: Introduced by: 
https://github.com/php/php-src/commit/d521259e44288146aa3dc692bdf234cf45a4bd86 
(php-8.1.0RC1)
 CVE-2025-14178 (In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 
8.3.* before ...)
-       {DSA-6088-1 DLA-4447-1}
+       {DSA-6154-1 DSA-6088-1 DLA-4447-1}
        - php8.4 8.4.16-1 (bug #1123574)
        - php8.2 <removed>
        - php7.4 <removed>
@@ -31322,7 +31368,7 @@ CVE-2025-14178 (In PHP versions:8.1.* before 8.1.34, 
8.2.* before 8.2.30, 8.3.*
        NOTE: Fixed by: 
https://github.com/php/php-src/commit/e6d7d34c1ae46281993036189e3bcb6528911ce8 
(php-8.4.16)
        NOTE: Introduced by: 
https://github.com/php/php-src/commit/a08723d3d313445191470c19e12235a56165600a 
(php-7.2.0RC1)
 CVE-2025-14177 (In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 
8.3.* before ...)
-       {DSA-6088-1}
+       {DSA-6154-1 DSA-6088-1}
        - php8.4 8.4.16-1 (bug #1123574)
        - php8.2 <removed>
        - php7.4 <not-affected> (Vulnerable code introduced later)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2148c859f6a08c057db3c1d6839ecc1ca2638287

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2148c859f6a08c057db3c1d6839ecc1ca2638287
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to