Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9279fcc8 by security tracker role at 2026-03-06T08:13:39+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,25 +1,25 @@
CVE-2026-3616 (A vulnerability was detected in DefaultFuction Jeson Customer
Relation ...)
TODO: check
CVE-2026-3613 (A vulnerability was identified in Wavlink WL-NU516U1 V240425.
This vul ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2026-3612 (A vulnerability was determined in Wavlink WL-NU516U1 V240425.
This aff ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2026-3610 (A vulnerability was found in HSC Cybersecurity Mailinspector up
to 5.3 ...)
TODO: check
CVE-2026-3606 (A vulnerability has been found in Ettercap 0.8.4-Garofalo.
Affected by ...)
TODO: check
CVE-2026-2830 (The WP All Import \u2013 Drag & Drop Import for CSV, XML, Excel
& Goog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2593 (The Greenshift \u2013 animation and page builder blocks plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2589 (The Greenshift \u2013 animation and page builder blocks plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2446 (The PowerPack for LearnDash WordPress plugin before 1.3.0 does
not hav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2331 (An attacker may perform unauthenticated read and write
operations on s ...)
- TODO: check
+ NOT-FOR-US: SICK AG
CVE-2026-2330 (An attacker may access restricted filesystem areas on the
device via t ...)
- TODO: check
+ NOT-FOR-US: SICK AG
CVE-2026-29613 (OpenClaw versions prior to 2026.2.12 contain a vulnerability
in the Bl ...)
TODO: check
CVE-2026-29612 (OpenClaw versions prior to 2026.2.14 decode base64-backed
media inputs ...)
@@ -95,43 +95,43 @@ CVE-2026-28787 (OneUptime is a solution for monitoring and
managing online servi
CVE-2026-28785 (Ghostfolio is an open source wealth management software. Prior
to vers ...)
TODO: check
CVE-2026-28727 (Local privilege escalation due to insecure Unix socket
permissions. Th ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28726 (Sensitive information disclosure due to improper access
control. The f ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28725 (Sensitive information disclosure due to improper configuration
of a he ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28724 (Unauthorized data access due to insufficient access control
validation ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28723 (Unauthorized report deletion due to insufficient access
control. The f ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28722 (Local privilege escalation due to improper soft link handling.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28721 (Local privilege escalation due to improper soft link handling.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28720 (Unauthorized modification of settings due to insufficient
authorizatio ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28719 (Unauthorized resource manipulation due to improper
authorization check ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28718 (Denial of service due to insufficient input validation in
authenticati ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28717 (Local privilege escalation due to improper directory
permissions. The ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28716 (Information disclosure and manipulation due to improper
authorization ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28715 (Sensitive information disclosure due to improper authorization
checks. ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28714 (Unnecessary transmission of sensitive cryptographic material.
The foll ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28713 (Default credentials set for local privileged user in Virtual
Appliance ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28712 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28711 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28710 (Sensitive information disclosure and manipulation due to
improper auth ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28709 (Unauthorized resource manipulation due to improper
authorization check ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-28685 (Kimai is a web-based multi-user time-tracking application.
Prior to ve ...)
TODO: check
CVE-2026-28683 (Gokapi is a self-hosted file sharing server with automatic
expiration ...)
@@ -303,7 +303,7 @@ CVE-2026-21622 (Insufficient Session Expiration
vulnerability in hexpm hexpm/hex
CVE-2026-21536 (Microsoft Devices Pricing Program Remote Code Execution
Vulnerability)
TODO: check
CVE-2026-1128 (The WP eCommerce WordPress plugin through 3.15.1 does not have
CSRF ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0848 (NLTK versions <=3.9.2 are vulnerable to arbitrary code
execution due t ...)
TODO: check
CVE-2025-70995 (An issue in Aranda Service Desk Web Edition (ASDK API 8.6)
allows auth ...)
@@ -329,13 +329,13 @@ CVE-2025-55289 (Chamilo is a learning management system.
Prior to version 1.11.3
CVE-2025-55208 (Chamilo is a learning management system. Versions prior to
1.11.34 hav ...)
TODO: check
CVE-2025-30413 (Credentials are not deleted from Acronis Agent after plan
revocation. ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2025-11792 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2025-11791 (Sensitive information disclosure and manipulation due to
insufficient ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2025-11790 (Credentials are not deleted from Acronis Agent after plan
revocation. ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-3598 (Use of a Broken or Risky Cryptographic Algorithm vulnerability
in rust ...)
NOT-FOR-US: RustDesk Server Pro (not same as src:rustdesk, itp'ed
#1038942)
CVE-2026-3459 (The Drag and Drop Multiple File Upload - Contact Form 7 plugin
for Wor ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9279fcc8817c54566109afcdf1106ff14db83dbb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9279fcc8817c54566109afcdf1106ff14db83dbb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
