Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a8c27cc8 by Moritz Muehlenhoff at 2026-03-16T10:01:09+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
CVE-2026-4255 (A DLL search order hijacking vulnerability in Thermalright
TR-VISION H ...)
- TODO: check
+ NOT-FOR-US: Thermalright TR-VISION
CVE-2026-4226 (A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The
affecte ...)
- TODO: check
+ NOT-FOR-US: LB-LINK BL-WR9000
CVE-2026-4225 (A security flaw has been discovered in CMS Made Simple up to
2.2.21. I ...)
- TODO: check
+ NOT-FOR-US: CMS Made SimpleLB-LINK BL-WR9000
CVE-2026-4223 (A vulnerability was identified in itsourcecode Payroll
Management Syst ...)
NOT-FOR-US: itsourcecode System
CVE-2026-4222 (A vulnerability was determined in SSCMS up to 7.4.0. This
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: SSCMS
CVE-2026-4221 (A vulnerability was found in Tiandy Easy7 Integrated Management
Platfo ...)
- TODO: check
+ NOT-FOR-US: Tiandy Easy7
CVE-2026-4220 (A vulnerability has been found in Technologies Integrated
Management P ...)
- TODO: check
+ NOT-FOR-US: Technologies Integrated Management Platform
CVE-2026-4219 (A flaw has been found in INDEX Conferences & Exhibitions
Organization ...)
- TODO: check
+ NOT-FOR-US: INDEX Conferences & Exhibitions Organization YWF BPOF APGCS
App
CVE-2026-4218 (A vulnerability was detected in myAEDES App up to 1.18.4 on
Android. A ...)
- TODO: check
+ NOT-FOR-US: myAEDES App
CVE-2026-4217 (A security vulnerability has been detected in XREAL Nebula App
up to 3 ...)
- TODO: check
+ NOT-FOR-US: XREAL Nebula App
CVE-2026-4216 (A weakness has been identified in i-SENS SmartLog App up to
2.6.8 on A ...)
- TODO: check
+ NOT-FOR-US: i-SENS SmartLog App
CVE-2026-4215 (A security flaw has been discovered in FlowCI flow-core-x up to
1.23.0 ...)
- TODO: check
+ NOT-FOR-US: FlowCI flow-core-x
CVE-2026-4214 (A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L,
DNS-320, ...)
NOT-FOR-US: D-Link
CVE-2026-4213 (A vulnerability was detected in D-Link DNS-120, DNR-202L,
DNS-315L, DN ...)
@@ -45,13 +45,13 @@ CVE-2026-4204 (A flaw has been found in D-Link DNS-120,
DNR-202L, DNS-315L, DNS-
CVE-2026-4203 (A vulnerability was detected in D-Link DNS-120, DNR-202L,
DNS-315L, DN ...)
NOT-FOR-US: D-Link
CVE-2026-4201 (A weakness has been identified in glowxq glowxq-oj up to
6f7c723090472 ...)
- TODO: check
+ NOT-FOR-US: glowxq-oj
CVE-2026-4200 (A security flaw has been discovered in glowxq glowxq-oj up to
6f7c7230 ...)
- TODO: check
+ NOT-FOR-US: glowxq-oj
CVE-2026-4199 (A vulnerability was identified in bazinga012 mcp_code_executor
up to 0 ...)
- TODO: check
+ NOT-FOR-US: bazinga012 mcp_code_executor
CVE-2026-4198 (A vulnerability was determined in hypermodel-labs
mcp-server-auto-comm ...)
- TODO: check
+ NOT-FOR-US: hypermodel-labs mcp-server-auto-commit
CVE-2026-4197 (A vulnerability was found in D-Link DNS-120, DNR-202L,
DNS-315L, DNS-3 ...)
NOT-FOR-US: D-Link
CVE-2026-4196 (A vulnerability has been found in D-Link DNS-120, DNR-202L,
DNS-315L, ...)
@@ -63,19 +63,19 @@ CVE-2026-4194 (A vulnerability was detected in D-Link
DNS-120, DNR-202L, DNS-315
CVE-2026-4193 (A security vulnerability has been detected in D-Link DIR-823G
1.0.2B05 ...)
NOT-FOR-US: D-Link
CVE-2026-4192 (A vulnerability has been found in AvinashBole quip-mcp-server
1.0.0. A ...)
- TODO: check
+ NOT-FOR-US: hypermodel-labs mcp-server-auto-commonAvinashBole
quip-mcp-server
CVE-2026-4191 (A flaw has been found in JawherKl node-api-postgres up to 2.5.
Affecte ...)
TODO: check
CVE-2026-4190 (A vulnerability was detected in JawherKl node-api-postgres up
to 2.5. ...)
TODO: check
CVE-2026-4189 (A weakness has been identified in phpipam up to 1.7.4. The
impacted el ...)
- TODO: check
+ - phpipam <itp> (bug #731713)
CVE-2026-4188 (A security flaw has been discovered in D-Link DIR-619L 2.06B01.
The af ...)
NOT-FOR-US: D-Link
CVE-2026-4187 (A vulnerability was identified in Tiandy Easy7 Integrated
Management P ...)
- TODO: check
+ NOT-FOR-US: Tiandy Easy7
CVE-2026-4186 (A vulnerability was determined in UEditor up to 1.4.3.2. This
issue af ...)
- TODO: check
+ NOT-FOR-US: UEditor
CVE-2026-4185 (A vulnerability was found in GPAC up to
2.5-DEV-rev2167-gcc9d617c0-mas ...)
TODO: check
CVE-2026-4184 (A vulnerability was detected in D-Link DIR-816 1.10CNB05.
Affected by ...)
@@ -89,7 +89,7 @@ CVE-2026-4181 (A security flaw has been discovered in D-Link
DIR-816 1.10CNB05.
CVE-2026-4180 (A vulnerability was identified in D-Link DIR-816 1.10CNB05. The
impact ...)
NOT-FOR-US: D-Link
CVE-2026-4175 (A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2.
The af ...)
- TODO: check
+ NOT-FOR-US: Aureus ERP
CVE-2026-4174 (A vulnerability has been found in Radare2 5.9.9. This issue
affects th ...)
TODO: check
CVE-2026-4173 (A flaw has been found in CodePhiliaX Chat2DB up to 0.3.7. This
vulnera ...)
@@ -1980,6 +1980,7 @@ CVE-2026-31815 (Unicorn adds modern reactive component
functionality to your Dja
NOT-FOR-US: Django Unicorn
CVE-2026-31812 (Quinn is a pure-Rust, async-compatible implementation of the
IETF QUIC ...)
- rust-quinn-proto 0.11.14-1
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0037.html
NOTE:
https://github.com/quinn-rs/quinn/security/advisories/GHSA-6xvm-j4wr-6v98
NOTE: https://github.com/quinn-rs/quinn/pull/2558
NOTE: Fixed by:
https://github.com/quinn-rs/quinn/commit/655a8ad094e4fad463c90c4666c62db7de56384b
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8c27cc85f72e19e679c192243bae7df2705eac0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8c27cc85f72e19e679c192243bae7df2705eac0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
