Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
392759d0 by security tracker role at 2026-03-12T08:14:30+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2026-4014 (A security flaw has been discovered in itsourcecode Cafe
Reservation S ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-4013 (A vulnerability was identified in SourceCodester Web-based
Pharmacy Pr ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-4012 (A vulnerability was determined in rxi fe up to
ed4cda96bd582cbb0852096 ...)
TODO: check
CVE-2026-4010 (A vulnerability was found in ThakeeNathees pocketlang up to
cc73ca61b1 ...)
@@ -9,47 +9,47 @@ CVE-2026-4010 (A vulnerability was found in ThakeeNathees
pocketlang up to cc73c
CVE-2026-4009 (A vulnerability has been found in jarikomppa soloud up to
20200207. Im ...)
TODO: check
CVE-2026-4008 (A flaw has been found in Tenda W3 1.0.0.3(2204). This issue
affects so ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-4007 (A vulnerability was detected in Tenda W3 1.0.0.3(2204). This
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3994 (A vulnerability was detected in rui314 mold up to 2.40.4. This
issue a ...)
TODO: check
CVE-2026-3993 (A security vulnerability has been detected in itsourcecode
Payroll Man ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-3992 (A weakness has been identified in CodeGenieApp
serverless-express up t ...)
TODO: check
CVE-2026-3990 (A security flaw has been discovered in CesiumGS CesiumJS up to
1.137.0 ...)
TODO: check
CVE-2026-3984 (A weakness has been identified in Campcodes Division Regional
Athletic ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2026-3983 (A security flaw has been discovered in Campcodes Division
Regional Ath ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2026-3982 (A vulnerability was determined in itsourcecode University
Management S ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-3981 (A vulnerability was found in itsourcecode Online Doctor
Appointment Sy ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-3980 (A vulnerability has been found in itsourcecode Online Doctor
Appointme ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-3979 (A flaw has been found in quickjs-ng quickjs up to 0.12.1. This
affects ...)
TODO: check
CVE-2026-3978 (A vulnerability was detected in D-Link DIR-513 1.10. The
impacted elem ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-3977 (A security vulnerability has been detected in projectsend up to
r1945. ...)
TODO: check
CVE-2026-3976 (A weakness has been identified in Tenda W3 1.0.0.3(2204).
Impacted is ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3975 (A security flaw has been discovered in Tenda W3 1.0.0.3(2204).
This is ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3974 (A vulnerability was identified in Tenda W3 1.0.0.3(2204). This
vulnera ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3973 (A vulnerability was determined in Tenda W3 1.0.0.3(2204). This
affects ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3972 (A vulnerability was found in Tenda W3 1.0.0.3(2204). Affected
by this ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3971 (A vulnerability has been found in Tenda i3 1.0.0.6(2204).
Affected by ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3970 (A flaw has been found in Tenda i3 1.0.0.6(2204). Affected is
the funct ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-3969 (A vulnerability was detected in FeMiner wms up to 1.0. This
impacts an ...)
TODO: check
CVE-2026-3968 (A vulnerability has been found in AutohomeCorp frostmourne up
to 1.0. ...)
@@ -137,9 +137,9 @@ CVE-2026-3914 (Integer overflow in WebML in Google Chrome
prior to 146.0.7680.71
CVE-2026-3913 (Heap buffer overflow in WebML in Google Chrome prior to
146.0.7680.71 ...)
TODO: check
CVE-2026-3657 (The My Sticky Bar plugin for WordPress is vulnerable to SQL
injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3226 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-32136 (AdGuard Home is a network-wide software for blocking ads and
tracking. ...)
TODO: check
CVE-2026-32133 (2FAuth is a web app to manage Two-Factor Authentication (2FA)
accounts ...)
@@ -153,21 +153,21 @@ CVE-2026-32130 (ZITADEL is an open source identity
management platform. From 2.6
CVE-2026-32128 (FastGPT is an AI Agent building platform. In 4.14.7 and
earlier, FastG ...)
TODO: check
CVE-2026-32127 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32126 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32125 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32124 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32123 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32122 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32121 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32118 (OpenEMR is a free and open source electronic health records
and medica ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2026-32117 (The grafanacubism-panel plugin allows use of cubism.js in
Grafana. In ...)
TODO: check
CVE-2026-32112 (ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the
ha-mcp OAut ...)
@@ -195,33 +195,33 @@ CVE-2026-31988 (yauzl (aka Yet Another Unzip Library)
version 3.2.0 for Node.js
CVE-2026-2808 (HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10
and 1.22. ...)
TODO: check
CVE-2026-2687 (The Reading progressbar WordPress plugin before 1.3.1 does not
sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2640 (During an internal security assessment, a potential
vulnerability was ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-2368 (An improper certificate validation vulnerability was reported
in the L ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-27591 (Winter is a free, open-source content management system (CMS)
based on ...)
TODO: check
CVE-2026-1878 (An Insufficient Integrity Verification vulnerability in the
ASUS ROG p ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-1717 (An input validation vulnerability was reported in the
LenovoProductivi ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-1716 (An input validation vulnerability was reported in the
DeviceSettingsSy ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-1715 (An input validation vulnerability was reported in the
DeviceSettingsSy ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-1653 (A potential divide by zero vulnerability was reported in the
Lenovo Vi ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-1652 (A potential buffer overflow vulnerability was reported in the
Lenovo V ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-1182 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
TODO: check
CVE-2026-1068 (An improper certificate validation vulnerability was reported
in the L ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-0940 (A potential improper initialization vulnerability was reported
in the ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2026-0520 (A potential vulnerability was reported in the Lenovo FileZ
Android app ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-70041 (An issue pertaining to CWE-259: Use of Hard-coded Password was
discove ...)
TODO: check
CVE-2025-70024 (An issue pertaining to CWE-89: Improper Neutralization of
Special Elem ...)
@@ -229,17 +229,17 @@ CVE-2025-70024 (An issue pertaining to CWE-89: Improper
Neutralization of Specia
CVE-2025-66956 (Insecure Access Control in Contact Plan, E-Mail, SMS and Fax
component ...)
TODO: check
CVE-2025-62328 (HCL Nomad server on Domino did not configure the
frame-ancestors direc ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-59388 (A use of hard-coded password vulnerability has been reported
to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-15473 (The Timetics WordPress plugin before 1.0.52 does not have
authorizati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15038 (An Out-of-Bounds Read vulnerability exists in the ASUS
Business System ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2025-15037 (An Incorrect Permission Assignment vulnerability exists in the
ASUS Bu ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2023-43010 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-2436
- libsoup3 <unfixed>
- libsoup2.4 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/392759d00e42831602b25e20293d731461f7d08c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/392759d00e42831602b25e20293d731461f7d08c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
