Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4beb85b6 by security tracker role at 2026-03-13T20:14:33+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,289 +3,289 @@ CVE-2026-4111 (A flaw was identified in the RAR5 archive
decompression logic of
CVE-2026-4092 (Path Traversal in Clasp impacting versions < 3.2.0 allows a
remote att ...)
TODO: check
CVE-2026-4063 (The Social Icons Widget & Block by WPZOOM plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3999 (A broken access control may allow an authenticated user to
perform a ...)
TODO: check
CVE-2026-3986 (The Calculated Fields Form plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3873 (Use of Hard-coded Credentials vulnerability in Avantra allows
Accessin ...)
TODO: check
CVE-2026-32746 (telnetd in GNU inetutils through 2.7 allows an out-of-bounds
write in ...)
TODO: check
CVE-2026-32745 (In JetBrains Datalore before 2026.1 session hijacking was
possible due ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2026-32600 (xml-security is a library that implements XML signatures and
encryptio ...)
TODO: check
CVE-2026-32594 (Parse Server is an open source backend that can be deployed to
any inf ...)
TODO: check
CVE-2026-32543 (Missing Authorization vulnerability in CyberChimps Responsive
Blocks r ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32487 (Missing Authorization vulnerability in raratheme Lawyer
Landing Page l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32486 (Missing Authorization vulnerability in wptravelengine Travel
Booking t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32462 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32461 (Missing Authorization vulnerability in Really Simple Plugins
Really Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32460 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32459 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32458 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32457 (Missing Authorization vulnerability in Wombat Plugins Advanced
Product ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32456 (Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts
Admin M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32455 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32454 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32453 (Missing Authorization vulnerability in ThemeFusion Avada Core
fusion-c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32452 (Missing Authorization vulnerability in ThemeFusion Fusion
Builder fusi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32451 (Missing Authorization vulnerability in ThemeFusion Fusion
Builder fusi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32450 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32449 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32448 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32447 (Missing Authorization vulnerability in Vito Peleg Atarim
atarim-visual ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32446 (Missing Authorization vulnerability in Syed Balkhi Contact
Form by WPF ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32445 (Missing Authorization vulnerability in Elementor Elementor
Website Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32443 (Cross-Site Request Forgery (CSRF) vulnerability in Josh
Kohlbach Produ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32442 (Missing Authorization vulnerability in E2Pdf e2pdf e2pdf
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32440 (Missing Authorization vulnerability in Ex-Themes WP Food
wp-food allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32439 (Missing Authorization vulnerability in WebGeniusLab BigHearts
bigheart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32438 (Missing Authorization vulnerability in vowelweb VW School
Education vw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32437 (Missing Authorization vulnerability in vowelweb VW Portfolio
vw-portfo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32436 (Missing Authorization vulnerability in vowelweb VW Photography
vw-phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32435 (Missing Authorization vulnerability in vowelweb VW Pet Shop
vw-pet-sho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32434 (Missing Authorization vulnerability in vowelweb VW Fitness
vw-fitness ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32433 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32432 (Missing Authorization vulnerability in codepeople WP Time
Slots Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32431 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32430 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32429 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32428 (Missing Authorization vulnerability in Ays Pro Popup Like box
ays-face ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32427 (Missing Authorization vulnerability in vowelweb VW Education
Lite vw-e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32426 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32425 (Missing Authorization vulnerability in linknacional Payment
Gateway Pi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32424 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32423 (Missing Authorization vulnerability in Bowo Admin and Site
Enhancement ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32422 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32421 (Missing Authorization vulnerability in Agile Logix Post
Timeline post- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32420 (Cross-Site Request Forgery (CSRF) vulnerability in Ruben
Garcia GamiPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32419 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32418 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32417 (Missing Authorization vulnerability in wppochipp Pochipp
pochipp allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32416 (Missing Authorization vulnerability in bPlugins PDF Poster
pdf-poster ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32415 (Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov
Squeeze ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32414 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32413 (Missing Authorization vulnerability in Maciej Bis Permalink
Manager Li ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32412 (Server-Side Request Forgery (SSRF) vulnerability in Gift Up!
Gift Up G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32411 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32410 (Missing Authorization vulnerability in WBW Plugins WBW
Currency Switch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32409 (Missing Authorization vulnerability in WPMU DEV - Your
All-in-One Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32408 (Missing Authorization vulnerability in themefusecom Brizy
brizy allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32407 (Missing Authorization vulnerability in WPClever WPC Smart
Wishlist for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32406 (Missing Authorization vulnerability in WPClever WPC Product
Bundles fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32405 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32404 (Missing Authorization vulnerability in Studio99 Studio99 WP
Monitor st ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32403 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32402 (Missing Authorization vulnerability in Ays Pro Image Slider by
Ays ays ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32401 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32400 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32399 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32398 (Concurrent Execution using Shared Resource with Improper
Synchronizati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32397 (Missing Authorization vulnerability in YMC Filter & Grids
ymc-smart-fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32396 (Missing Authorization vulnerability in RadiusTheme Team
tlp-team allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32395 (Missing Authorization vulnerability in Xpro Xpro Addons For
Beaver Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32394 (Missing Authorization vulnerability in PublishPress
PublishPress Capab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32393 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32392 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32391 (Missing Authorization vulnerability in linethemes SmartFix
smartfix al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32390 (Missing Authorization vulnerability in linethemes Nanosoft
nanosoft al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32388 (Missing Authorization vulnerability in linethemes GLB glb
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32387 (Missing Authorization vulnerability in Noor Alam Checkout for
PayPal c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32386 (Missing Authorization vulnerability in EnvoThemes Envo Extra
envo-extr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32385 (Missing Authorization vulnerability in Metagauss
RegistrationMagic cus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32384 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32383 (Missing Authorization vulnerability in raratheme Ridhi ridhi
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32382 (Missing Authorization vulnerability in raratheme Digital
Download digi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32381 (Missing Authorization vulnerability in raratheme App Landing
Page app- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32380 (Missing Authorization vulnerability in raratheme Numinous
numinous all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32379 (Missing Authorization vulnerability in raratheme Rara Academic
rara-ac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32378 (Missing Authorization vulnerability in raratheme Book Landing
Page boo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32377 (Missing Authorization vulnerability in raratheme Pranayama
Yoga pranay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32376 (Missing Authorization vulnerability in raratheme Kalon kalon
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32375 (Missing Authorization vulnerability in raratheme Travel
Diaries travel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32374 (Missing Authorization vulnerability in raratheme The Minimal
the-minim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32373 (Missing Authorization vulnerability in Cozy Vision SMS Alert
Order Not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32372 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32371 (Missing Authorization vulnerability in raratheme Elegant Pink
elegant- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32370 (Missing Authorization vulnerability in raratheme Influencer
influencer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32369 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32368 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32367 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32366 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32365 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32364 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32363 (Missing Authorization vulnerability in Funlus Oy WPLifeCycle
free-php- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32362 (Missing Authorization vulnerability in activity-log.com WP
Sessions Ti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32361 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32360 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32359 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32358 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32357 (Server-Side Request Forgery (SSRF) vulnerability in Katsushi
Kawamori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32356 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32355 (Deserialization of Untrusted Data vulnerability in Crocoblock
JetEngin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32354 (Insertion of Sensitive Information Into Sent Data
vulnerability in mag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32353 (Server-Side Request Forgery (SSRF) vulnerability in
MailerPress Team M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32352 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32351 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32350 (Missing Authorization vulnerability in wpradiant Chocolate
House choco ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32349 (Server-Side Request Forgery (SSRF) vulnerability in Andy
Fragen Embed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32348 (Missing Authorization vulnerability in MadrasThemes MAS Videos
masvide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32347 (Missing Authorization vulnerability in raratheme Restaurant
and Cafe r ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32346 (Missing Authorization vulnerability in raratheme Travel Agency
travel- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32345 (Missing Authorization vulnerability in raratheme Perfect
Portfolio per ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32344 (Cross-Site Request Forgery (CSRF) vulnerability in
desertthemes Corpiv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32343 (Cross-Site Request Forgery (CSRF) vulnerability in Magazine3
Easy Tabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32342 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro
Quiz Maker ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32341 (Missing Authorization vulnerability in raratheme Benevolent
benevolent ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32340 (Missing Authorization vulnerability in raratheme Business One
Page bus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32339 (Missing Authorization vulnerability in raratheme Bakes And
Cakes bakes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32338 (Missing Authorization vulnerability in raratheme Construction
Landing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32337 (Missing Authorization vulnerability in raratheme Preschool and
Kinderg ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32336 (Missing Authorization vulnerability in raratheme Rara Business
rara-bu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32335 (Missing Authorization vulnerability in raratheme The
Conference the-co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32334 (Missing Authorization vulnerability in raratheme JobScout
jobscout all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32332 (Missing Authorization vulnerability in Ays Pro Easy Form
easy-form all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32331 (Missing Authorization vulnerability in Israpil Textmetrics
webtexttool ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32330 (Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo
Gallery ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32329 (Missing Authorization vulnerability in Ays Pro Advanced
Related Posts ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32328 (Cross-Site Request Forgery (CSRF) vulnerability in
shufflehound Lemmon ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32314 (Yamux is a stream multiplexer over reliable, ordered
connections such ...)
TODO: check
CVE-2026-32313 (xmlseclibs is a library written in PHP for working with XML
Encryption ...)
@@ -295,17 +295,17 @@ CVE-2026-31949 (LibreChat is a ChatGPT clone with
additional features. Prior to
CVE-2026-31944 (LibreChat is a ChatGPT clone with additional features. From
0.8.2 to 0 ...)
TODO: check
CVE-2026-31922 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31919 (Missing Authorization vulnerability in Josh Kohlbach Advanced
Coupons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31918 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31917 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31916 (Missing Authorization vulnerability in Iulia Cazan Latest Post
Shortco ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31915 (Missing Authorization vulnerability in UX-themes Flatsome
flatsome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31899 (CairoSVG is an SVG converter based on Cairo, a 2D graphics
library. Pr ...)
TODO: check
CVE-2026-31897 (FreeRDP is a free implementation of the Remote Desktop
Protocol. Prior ...)
@@ -341,13 +341,13 @@ CVE-2026-30914 (SFTPGo is an open source, event-driven
file transfer solution. I
CVE-2026-30853 (calibre is a cross-platform e-book manager for viewing,
converting, ed ...)
TODO: check
CVE-2026-2888 (The Formidable Forms plugin for WordPress is vulnerable to an
authoriz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2879 (The GetGenie plugin for WordPress is vulnerable to Insecure
Direct Obj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2859 (Improper permission enforcement in Checkmk versions 2.4.0
before 2.4.0 ...)
TODO: check
CVE-2026-2257 (The GetGenie plugin for WordPress is vulnerable to Insecure
Direct Obj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-29776 (FreeRDP is a free implementation of the Remote Desktop
Protocol. Prior ...)
TODO: check
CVE-2026-29775 (FreeRDP is a free implementation of the Remote Desktop
Protocol. Prior ...)
@@ -371,17 +371,17 @@ CVE-2026-23941 (Inconsistent Interpretation of HTTP
Requests ('HTTP Request Smug
CVE-2026-23940 (Uncontrolled Resource Consumption vulnerability in hexpm
hexpm/hexpm a ...)
TODO: check
CVE-2026-1668 (The web interface on multiple Omada switches does not
adequately valid ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-0957 (There is a memory corruption vulnerability due to an
out-of-bounds wri ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2026-0956 (There is a memory corruption vulnerability due to an
out-of-bounds rea ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2026-0955 (There is a memory corruption vulnerability due to an
out-of-bounds rea ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2026-0954 (There is a memory corruption vulnerability due to an
out-of-bounds wri ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2026-0835 (IBM Sterling B2B Integrator and IBM Sterling File Gateway
6.1.0.0 thro ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-71263 (In UNIX Fourth Research Edition (v4), the su command is
vulnerable to ...)
TODO: check
CVE-2025-66249 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
@@ -389,41 +389,41 @@ CVE-2025-66249 (Improper Limitation of a Pathname to a
Restricted Directory ('Pa
CVE-2025-60012 (Malicious configuration can lead to unauthorized file access
in Apache ...)
TODO: check
CVE-2025-36368 (IBM Sterling B2B Integrator and IBM Sterling File Gateway
6.1.0.0 thro ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14811 (IBM Sterling Partner Engagement Manager 6.2.3.0 through
6.2.3.5 and 6. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14504 (IBM Sterling B2B Integrator and IBM Sterling File Gateway
6.1.0.0 thro ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14483 (IBM Sterling B2B Integratorand IBM Sterling File
Gateway6.1.0.0 throug ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13779 (Missing authentication for critical function vulnerability in
ABB AWIN ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-13778 (Missing authentication for critical function vulnerability in
ABB AWIN ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-13777 (Authentication bypass by capture-replay vulnerability in ABB
AWIN GW10 ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-13726 (IBM Sterling Partner Engagement Manager 6.2.3.0 through
6.2.3.5 and 6. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13723 (IBM Sterling Partner Engagement Manager 6.2.3.0 through
6.2.3.5 and 6. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13718 (IBM Sterling Partner Engagement Manager 6.2.3.0 through
6.2.3.5 and 6. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13702 (IBM Sterling Partner Engagement Manager 6.2.3.0 through
6.2.3.5 and 6. ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13460 (IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker
to enum ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13459 (IBM Aspera Console 3.3.0 through 3.4.8 could allow a
privileged user t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13212 (IBM Aspera Console 3.3.0 through 3.4.8 could allow an
authenticated us ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-12455 (Observable response discrepancy vulnerability in
OpenText\u2122 Vertic ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2025-12454 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2025-12453 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2023-40693 (IBM Sterling B2B Integratorand IBM Sterling File
Gateway6.1.0.0 throug ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-4105 (A flaw was found in systemd. The systemd-machined service
contains an ...)
- systemd 260~rc3-1
[trixie] - systemd <no-dsa> (Only exloitable with custom polkit policy
that allows register-machine access)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4beb85b6c11c76381f01d628408236e0bf7bf816
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4beb85b6c11c76381f01d628408236e0bf7bf816
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
