Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9b9b10b5 by security tracker role at 2026-03-18T20:14:15+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2026-4396 (Improper certificate validation in Devolutions Hub Reporting 
Service   ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2026-3479 (pkgutil.get_data() did not validate the resource argument as 
documente ...)
        TODO: check
 CVE-2026-3278 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: OpenText
 CVE-2026-3090 (The Post SMTP \u2013 Complete Email Deliverability and SMTP 
Solution w ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-33265 (In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for 
both the Li ...)
        TODO: check
 CVE-2026-33004 (Jenkins LoadNinja Plugin 2.1 and earlier does not mask 
LoadNinja API k ...)
-       TODO: check
+       NOT-FOR-US: Jenkins (core or plugin)
 CVE-2026-33003 (Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API 
keys une ...)
-       TODO: check
+       NOT-FOR-US: Jenkins (core or plugin)
 CVE-2026-33002 (Jenkins 2.442 through 2.554 (both inclusive), LTS 2.426.3 
through LTS  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins (core or plugin)
 CVE-2026-33001 (Jenkins 2.554 and earlier, LTS 2.541.2 and earlier does not 
safely han ...)
-       TODO: check
+       NOT-FOR-US: Jenkins (core or plugin)
 CVE-2026-32694 (In Juju from version 3.0.0 through 3.6.18, when a secret owner 
grants  ...)
        TODO: check
 CVE-2026-32693 (In Juju from version 3.0.0 through 3.6.18, the authorization 
of the "s ...)
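Review bot: The NOT-FOR-US: OpenText tag on CVE-2026-3278 cannot be confirmed from the description as shown, which is cut off at "('cross-si ..." before any vendor or product name appears. Since the tag is the only record of why the entry was dismissed, consider including the product name in it, so the classification can be checked later without re-fetching the CVE text.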
@@ -37,7 +37,7 @@ CVE-2026-32610 (Glances is an open-source system 
cross-platform monitoring tool.
 CVE-2026-32609 (Glances is an open-source system cross-platform monitoring 
tool. The G ...)
        TODO: check
 CVE-2026-32565 (Missing Authorization vulnerability in WebberZone Contextual 
Related P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-31971 (HTSlib is a library for reading and writing bioinformatics 
file format ...)
        TODO: check
 CVE-2026-31970 (HTSlib is a library for reading and writing bioinformatics 
file format ...)
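Review bot: CVE-2026-32565 is tagged "WordPress plugin or theme", while other WordPress entries in this same commit (CVE-2026-3090, for example) use "WordPress plugin". Two spellings of one classification split any grep or statistics run over the NOT-FOR-US reasons, so settle on one string. The visible description is also truncated at "Contextual Related P ..." and never mentions WordPress, so the match appears to rest on the vendor name alone and deserves a quick manual confirmation.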
@@ -73,13 +73,13 @@ CVE-2026-30345 (A zip slip vulnerability in the Admin 
import functionality of CT
 CVE-2026-30048 (A stored cross-site scripting (XSS) vulnerability exists in 
the NotCha ...)
        TODO: check
 CVE-2026-2992 (The KiviCare \u2013 Clinic & Patient Management System (EHR) 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2991 (The KiviCare \u2013 Clinic & Patient Management System (EHR) 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2559 (The Post SMTP plugin for WordPress is vulnerable to 
unauthorized modif ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2512 (The Code Embed plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-29859 (An arbitrary file upload vulnerability in aaPanel v7.57.0 
allows attac ...)
        TODO: check
 CVE-2026-29858 (A lack of path validation in aaPanel v7.57.0 allows attackers 
to execu ...)
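Review bot: The description lines for CVE-2026-2992 and CVE-2026-2991 contain a literal \u2013 ("The KiviCare \u2013 Clinic & Patient Management System"), which suggests the description text is stored without decoding Unicode escapes. The commit does not change those lines, but if the automatic NOT-FOR-US matching keys on description text, product names containing such characters will only match in their escaped form. Decoding at import time would avoid that.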
@@ -89,21 +89,21 @@ CVE-2026-29856 (An issue in the VirtualHost configuration 
handling/parser compon
 CVE-2026-27135 (nghttp2 is an implementation of the Hypertext Transfer 
Protocol versio ...)
        TODO: check
 CVE-2026-26948 (Dell Integrated Dell Remote Access Controller 9, 14G versions 
prior to ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-26945 (Dell Integrated Dell Remote Access Controller 9, 14G versions 
prior to ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-26740 (Buffer Overflow vulnerability in giflib v.5.2.2 allows a 
remote attack ...)
        TODO: check
 CVE-2026-25449 (Deserialization of Untrusted Data vulnerability in Shinetheme 
Traveler ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-24063 (When a plugin is installed using the Arturia Software Center 
(MacOS),  ...)
        TODO: check
 CVE-2026-24062 (The "Privileged Helper" component of the Arturia Software 
Center (MacO ...)
        TODO: check
 CVE-2026-1463 (The Photo Gallery, Sliders, Proofing and Themes \u2013 NextGEN 
Gallery ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-1217 (The Yoast Duplicate Post plugin for WordPress is vulnerable to 
unautho ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-0866
        REJECTED
 CVE-2025-67830 (Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL 
injection.)
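Review bot: CVE-2026-24063 and CVE-2026-24062 stay at TODO: check in this hunk, although both descriptions name the Arturia Software Center and mark it as macOS. They look like candidates for a NOT-FOR-US entry in the same pass as the Dell / EMC and WordPress ones. If the automatic update only matches known vendor patterns, adding one for this product would keep the two entries out of the manual triage queue.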



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b9b10b5603ea8c12453f862ded434a014fc8da9
