Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ffc16a34 by Salvatore Bonaccorso at 2026-03-21T09:32:18+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2026-4510 (A weakness has been identified in PbootCMS up to 3.2.12. This
impacts ...)
- TODO: check
+ NOT-FOR-US: PbootCMS
CVE-2026-4509 (A security flaw has been discovered in PbootCMS up to 3.2.12.
This aff ...)
- TODO: check
+ NOT-FOR-US: PbootCMS
CVE-2026-4508 (A vulnerability was identified in PbootCMS up to 3.2.12. The
impacted ...)
- TODO: check
+ NOT-FOR-US: PbootCMS
CVE-2026-4507 (A vulnerability was determined in Mindinventory MindSQL up to
0.2.1. T ...)
- TODO: check
+ NOT-FOR-US: Mindinventory MindSQL
CVE-2026-4506 (A vulnerability was found in Mindinventory MindSQL up to 0.2.1.
Impact ...)
- TODO: check
+ NOT-FOR-US: Mindinventory MindSQL
CVE-2026-4373 (The JetFormBuilder plugin for WordPress is vulnerable to
arbitrary fil ...)
NOT-FOR-US: WordPress plugin
CVE-2026-4302 (The WowOptin: Next-Gen Popup Maker plugin for WordPress is
vulnerable ...)
@@ -45,7 +45,7 @@ CVE-2026-3997 (The Text Toggle plugin for WordPress is
vulnerable to Stored Cros
CVE-2026-3996 (The WP Games Embed plugin for WordPress is vulnerable to Stored
Cross- ...)
NOT-FOR-US: WordPress plugin
CVE-2026-3864 (A vulnerability was discovered in the Kubernetes CSI Driver for
NFS wh ...)
- TODO: check
+ NOT-FOR-US: Kubernetes CSI Driver for NFS
CVE-2026-3651 (The Build App Online plugin for WordPress is vulnerable to
unauthorize ...)
NOT-FOR-US: WordPress plugin
CVE-2026-3645 (The Punnel \u2013 Landing Page Builder plugin for WordPress is
vulnera ...)
@@ -105,7 +105,7 @@ CVE-2026-3331 (The Lobot Slider Administrator plugin for
WordPress is vulnerable
CVE-2026-3003 (The Vagaro Booking Widget plugin for WordPress is vulnerable to
Stored ...)
NOT-FOR-US: WordPress plugin
CVE-2026-33476 (SiYuan is a personal knowledge management system. Prior to
version 3.6 ...)
- TODO: check
+ NOT-FOR-US: SiYuan
CVE-2026-33428 (Discourse is an open-source discussion platform. Prior to
versions 202 ...)
NOT-FOR-US: Discourse
CVE-2026-33427 (Discourse is an open-source discussion platform. Prior to
versions 202 ...)
@@ -129,9 +129,9 @@ CVE-2026-33251 (Discourse is an open-source discussion
platform. Prior to versio
CVE-2026-33243 (barebox is a bootloader. In barebox from version 2016.03.0 to
before v ...)
TODO: check
CVE-2026-33238 (WWBN AVideo is an open source video platform. Prior to version
26.0, t ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-33237 (WWBN AVideo is an open source video platform. Prior to version
26.0, t ...)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2026-33236 (NLTK (Natural Language Toolkit) is a suite of open source
Python modul ...)
TODO: check
CVE-2026-33231 (NLTK (Natural Language Toolkit) is a suite of open source
Python modul ...)
@@ -141,9 +141,9 @@ CVE-2026-33230 (NLTK (Natural Language Toolkit) is a suite
of open source Python
CVE-2026-33228 (flatted is a circular JSON parser. Prior to version 3.4.2, the
parse() ...)
TODO: check
CVE-2026-33226 (Budibase is a low code platform for creating internal tools,
workflows ...)
- TODO: check
+ NOT-FOR-US: Budibase
CVE-2026-33221 (Nhost is an open source Firebase alternative with GraphQL.
Prior to ve ...)
- TODO: check
+ NOT-FOR-US: Nhost
CVE-2026-33210 (Ruby JSON is a JSON implementation for Ruby. From version
2.14.0 to be ...)
TODO: check
CVE-2026-33209 (Avo is a framework to create admin panels for Ruby on Rails
apps. Prio ...)
@@ -151,21 +151,21 @@ CVE-2026-33209 (Avo is a framework to create admin panels
for Ruby on Rails apps
CVE-2026-33204 (SimpleJWT is a simple JSON web token library written in PHP.
Prior to ...)
TODO: check
CVE-2026-33203 (SiYuan is a personal knowledge management system. Prior to
version 3.6 ...)
- TODO: check
+ NOT-FOR-US: SiYuan
CVE-2026-33194 (SiYuan is a personal knowledge management system. Prior to
version 3.6 ...)
- TODO: check
+ NOT-FOR-US: SiYuan
CVE-2026-33186 (gRPC-Go is the Go language implementation of gRPC. Versions
prior to 1 ...)
TODO: check
CVE-2026-33180 (HAPI FHIR is a complete implementation of the HL7 FHIR
standard for he ...)
- TODO: check
+ NOT-FOR-US: HAPI FHIR
CVE-2026-33179 (libfuse is the reference implementation of the Linux FUSE.
From versio ...)
TODO: check
CVE-2026-33177 (Statamic is a Laravel and Git powered content management
system (CMS). ...)
- TODO: check
+ NOT-FOR-US: Statamic CMS
CVE-2026-33172 (Statamic is a Laravel and Git powered content management
system (CMS). ...)
- TODO: check
+ NOT-FOR-US: Statamic CMS
CVE-2026-33171 (Statamic is a Laravel and Git powered content management
system (CMS). ...)
- TODO: check
+ NOT-FOR-US: Statamic CMS
CVE-2026-33166 (Allure 2 is the version 2.x branch of Allure Report, a
multi-language ...)
TODO: check
CVE-2026-33165 (libde265 is an open source implementation of the h.265 video
codec. Pr ...)
@@ -187,9 +187,9 @@ CVE-2026-33147 (GMT is an open source collection of
command-line tools for manip
CVE-2026-33144 (GPAC is an open-source multimedia framework. Prior to commit
86b0e36, ...)
TODO: check
CVE-2026-33143 (OneUptime is a solution for monitoring and managing online
services. P ...)
- TODO: check
+ NOT-FOR-US: OneUptime
CVE-2026-33142 (OneUptime is a solution for monitoring and managing online
services. P ...)
- TODO: check
+ NOT-FOR-US: OneUptime
CVE-2026-32899 (OpenClaw versions prior to 2026.2.25 fail to consistently
apply sender ...)
NOT-FOR-US: OpenClaw
CVE-2026-32898 (OpenClaw versions prior to 2026.2.23 contain an authorization
bypass v ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffc16a340f396ef5f75c57058455c49e1bbaa3f0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffc16a340f396ef5f75c57058455c49e1bbaa3f0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
