Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9b604b87 by security tracker role at 2026-03-25T20:14:06+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,23 +13,23 @@ CVE-2026-3988 (GitLab has remediated an issue in GitLab
CE/EE affecting all vers
CVE-2026-3857 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
TODO: check
CVE-2026-3218 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3217 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3216 (Server-Side Request Forgery (SSRF) vulnerability in Drupal
Drupal Canv ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3215 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3214 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3213 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3212 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3211 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal Theme
Negoti ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3210 (Incorrect Authorization vulnerability in Drupal Material Icons
allows ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3126
REJECTED
CVE-2026-34085 (fontconfig before 2.17.1 has an off-by-one error in allocation
during ...)
@@ -71,145 +71,145 @@ CVE-2026-33217 (NATS-Server is a High-Performance server
for NATS.io, a cloud an
CVE-2026-33216 (NATS-Server is a High-Performance server for NATS.io, a cloud
and edge ...)
TODO: check
CVE-2026-32573 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32567 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32562 (Missing Authorization vulnerability in WP Folio Team PPWP
password-pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32546 (Missing Authorization vulnerability in StellarWP Restrict
Content rest ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32545 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32544 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32542 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32541 (Missing Authorization vulnerability in Premmerce Premmerce
Redirect Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32540 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32539 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32538 (Insertion of Sensitive Information Into Sent Data
vulnerability in Noo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32537 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32536 (Unrestricted Upload of File with Dangerous Type vulnerability
in halfd ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32535 (Authorization Bypass Through User-Controlled Key vulnerability
in Joom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32534 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32533 (Authorization Bypass Through User-Controlled Key vulnerability
in Late ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32532 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32531 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32530 (Incorrect Privilege Assignment vulnerability in WPFunnels
Creator LMS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32529 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32528 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32527 (Missing Authorization vulnerability in CRM Perks WP Insightly
for Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32526 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32525 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32524 (Unrestricted Upload of File with Dangerous Type vulnerability
in Jordy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32523 (Unrestricted Upload of File with Dangerous Type vulnerability
in denis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32522 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32521 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32520 (Incorrect Privilege Assignment vulnerability in Andrew Munro /
Affilia ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32519 (Incorrect Privilege Assignment vulnerability in Bit Apps Bit
SMTP bit- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32518 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32517 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32516 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32515 (Missing Authorization vulnerability in kamleshyadav Miraculous
miracul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32514 (Missing Authorization vulnerability in Anton Voytenko
Petitioner petit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32513 (Deserialization of Untrusted Data vulnerability in Miguel
Useche JS Ar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32512 (Deserialization of Untrusted Data vulnerability in Edge-Themes
Pelicul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32511 (Deserialization of Untrusted Data vulnerability in
Mikado-Themes St\xe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32510 (Deserialization of Untrusted Data vulnerability in Edge-Themes
Kampere ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32509 (Deserialization of Untrusted Data vulnerability in Edge-Themes
Gracey ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32508 (Deserialization of Untrusted Data vulnerability in
Mikado-Themes Halst ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32507 (Deserialization of Untrusted Data vulnerability in
Elated-Themes Lerou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32506 (Deserialization of Untrusted Data vulnerability in Edge-Themes
Archico ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32505 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32504 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32503 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32502 (Deserialization of Untrusted Data vulnerability in
Select-Themes Borgh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32501 (Missing Authorization vulnerability in wp-configurator WP
Configurator ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32500 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32499 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32498 (Missing Authorization vulnerability in Metagauss
RegistrationMagic cus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32497 (Weak Authentication vulnerability in PickPlugins User
Verification use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32496 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32495 (Missing Authorization vulnerability in Link Software LLC WP
Terms Popu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32494 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32493 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32492 (Authentication Bypass by Spoofing vulnerability in Joe Dolson
My Ticke ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32491 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32490 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32489 (Missing Authorization vulnerability in bPlugins B Blocks
b-blocks allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32488 (Incorrect Privilege Assignment vulnerability in wpeverest User
Registr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32485 (Missing Authorization vulnerability in weDevs WP User Frontend
wp-user ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32484 (Deserialization of Untrusted Data vulnerability in BoldGrid
weForms we ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32483 (Missing Authorization vulnerability in codepeople Contact Form
Email c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32482 (Unrestricted Upload of File with Dangerous Type vulnerability
in deoth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32441 (Missing Authorization vulnerability in WebToffee Comments
Import & Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31921 (Missing Authorization vulnerability in Devteam HaywoodTech
Product Rea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31920 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31914 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31913 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-30587 (Multiple Stored XSS vulnerabilities exist in Seafile Server
version 13 ...)
TODO: check
CVE-2026-2995 (GitLab has remediated an issue in GitLab EE affecting all
versions fro ...)
@@ -221,11 +221,11 @@ CVE-2026-2745 (GitLab has remediated an issue in GitLab
CE/EE affecting all vers
CVE-2026-2726 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
TODO: check
CVE-2026-2414 (Authorization bypass through User-Controlled key vulnerability
in HYPR ...)
- TODO: check
+ NOT-FOR-US: HYPR
CVE-2026-2349 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-2348 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-29785 (NATS-Server is a High-Performance server for NATS.io, a cloud
and edge ...)
TODO: check
CVE-2026-29092 (Kiteworks is a private data network (PDN). Prior to version
9.2.1, a v ...)
@@ -243,55 +243,55 @@ CVE-2026-27602 (Modoboa is a mail hosting and management
platform. Prior to vers
CVE-2026-27496 (n8n is an open source workflow automation platform. Prior to
versions ...)
TODO: check
CVE-2026-27095 (Deserialization of Untrusted Data vulnerability in
magepeopleteam Bus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27088 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27087 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27084 (Deserialization of Untrusted Data vulnerability in ThemeREX
Buisson bu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27083 (Deserialization of Untrusted Data vulnerability in ThemeREX
Work & Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27082 (Deserialization of Untrusted Data vulnerability in ThemeREX
Love Story ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27081 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27080 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27079 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27078 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27077 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27076 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27075 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27073 (Use of Hard-coded Credentials vulnerability in Addi Addi
– Cuota ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27071 (Missing Authorization vulnerability in Arraytics WPCafe
wp-cafe allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27054 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27051 (Incorrect Privilege Assignment vulnerability in uxper Golo
golo allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27049 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27048 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27047 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27046 (Missing Authorization vulnerability in Kaira StoreCustomizer
woocustom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27045 (Deserialization of Untrusted Data vulnerability in sbthemes
WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27044 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27040 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27039 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-26833 (thumbler through 1.1.2 allows OS command injection via the
input, outp ...)
TODO: check
CVE-2026-26832 (node-tesseract-ocr is an npm package that provides a Node.js
wrapper f ...)
@@ -305,247 +305,247 @@ CVE-2026-26233 (Mattermost versions 11.4.x <= 11.4.0,
11.3.x <= 11.3.1, 11.2.x <
CVE-2026-25645 (Requests is a HTTP library. Prior to version 2.33.0, the
function `req ...)
TODO: check
CVE-2026-25469 (Missing Authorization vulnerability in ViaBill for WooCommerce
ViaBill ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25465 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25464 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25462 (Missing Authorization vulnerability in avalex avalex avalex
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25461 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25460 (Missing Authorization vulnerability in LiquidThemes Ave Core
ave-core ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25458 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25457 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25456 (Missing Authorization vulnerability in Aarsiv Groups Automated
FedEx l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25455 (Missing Authorization vulnerability in PickPlugins Product
Slider for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25454 (Missing Authorization vulnerability in MVPThemes The League
the-league ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25452 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25447 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25437 (Missing Authorization vulnerability in \u0633\u06cc\u062f
\u0645\u062d ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25435 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25430 (Missing Authorization vulnerability in CRM Perks Integration
for Mailc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25429 (Deserialization of Untrusted Data vulnerability in wpdive Nexa
Blocks ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25417 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25414 (Incorrect Privilege Assignment vulnerability in iqonicdesign
WPBookit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25413 (Unrestricted Upload of File with Dangerous Type vulnerability
in iqoni ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25406 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25401 (Missing Authorization vulnerability in Arni Cinco WPCargo
Track & Trac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25400 (Deserialization of Untrusted Data vulnerability in thememount
Apicona ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25398 (Missing Authorization vulnerability in Webilia Inc. Vertex
Addons for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25397 (Path Traversal: '.../...//' vulnerability in Snowray Software
File Upl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25396 (Missing Authorization vulnerability in CoderPress Commerce
Coinbase Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25390 (Missing Authorization vulnerability in Saad Iqbal New User
Approve new ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25383 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25382 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25381 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25380 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25379 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25377 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25376 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25373 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25371 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25366 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25365 (Missing Authorization vulnerability in \xd6zg\xfcr KARALAR
Kargo Takip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25361 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25360 (Deserialization of Untrusted Data vulnerability in rascals Vex
vex all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25359 (Deserialization of Untrusted Data vulnerability in rascals
Pendulum pe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25358 (Deserialization of Untrusted Data vulnerability in rascals
Meloo meloo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25357 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25356 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25355 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25354 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25353 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25352 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25351 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25350 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25349 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25347 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25346 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25345 (Improper Validation of Specified Quantity in Input
vulnerability in Ga ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25344 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25342 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25341 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25340 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25339 (Insertion of Sensitive Information Into Sent Data
vulnerability in Sye ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25334 (Incorrect Privilege Assignment vulnerability in wordpresschef
Salon Bo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25328 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25327 (Missing Authorization vulnerability in Rustaurius Five Star
Restaurant ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25317 (Missing Authorization vulnerability in tychesoftwares Print
Invoice & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25309 (Missing Authorization vulnerability in PublishPress
PublishPress Autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25306 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25304 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25035 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25034 (Missing Authorization vulnerability in Iqonic Design KiviCare
kivicare ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25033 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25032 (Deserialization of Untrusted Data vulnerability in
park_of_ideas Ricky ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25031 (Deserialization of Untrusted Data vulnerability in
park_of_ideas Tasty ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25030 (Deserialization of Untrusted Data vulnerability in
park_of_ideas Goldi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25029 (Deserialization of Untrusted Data vulnerability in
park_of_ideas KIDZ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25026 (Missing Authorization vulnerability in RadiusTheme Team
tlp-team allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25025 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25018 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25017 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25013 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25009 (Missing Authorization vulnerability in raratheme Education
Zone educat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25007 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25002 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25001 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24993 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24989 (Deserialization of Untrusted Data vulnerability in
FantasticPlugins SU ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24987 (Missing Authorization vulnerability in activity-log.com WP
System Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24983 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24981 (Deserialization of Untrusted Data vulnerability in NooTheme
Visionary ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24980 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24979 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24978 (Deserialization of Untrusted Data vulnerability in NooTheme
Jobica Cor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24977 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24976 (Deserialization of Untrusted Data vulnerability in NooTheme
Organici L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24975 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24974 (Deserialization of Untrusted Data vulnerability in NooTheme
CitiLights ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24973 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24972 (Missing Authorization vulnerability in Elated-Themes Elated
Listing el ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24971 (Incorrect Privilege Assignment vulnerability in Elated-Themes
Search & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24970 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24969 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24968 (Incorrect Privilege Assignment vulnerability in Xagio SEO
Xagio SEO xa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24964 (Server-Side Request Forgery (SSRF) vulnerability in Wasiliy
Strecker / ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24750 (Kiteworks is a private data network (PDN). In Kiteworks Secure
Data Fo ...)
TODO: check
CVE-2026-24391 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24382 (Missing Authorization vulnerability in wproyal News Magazine X
news-ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24378 (Deserialization of Untrusted Data vulnerability in Metagauss
EventPrim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24376 (Missing Authorization vulnerability in Javier Casares
WPVulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24373 (Incorrect Privilege Assignment vulnerability in Metagauss
Registration ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24372 (Authentication Bypass by Spoofing vulnerability in WP Swings
Subscript ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24370 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24369 (Missing Authorization vulnerability in Theme-one The Grid
the-grid all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24364 (Missing Authorization vulnerability in weDevs WP User Frontend
wp-user ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24363 (Missing Authorization vulnerability in loopus WP Cost
Estimation & Pay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24362 (Missing Authorization vulnerability in bdthemes Ultimate Post
Kit ulti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24359 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23979 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23977 (Missing Authorization vulnerability in WPFactory Helpdesk
Support Tick ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23973 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23972 (Missing Authorization vulnerability in magepeopleteam Booking
and Rent ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23971 (Deserialization of Untrusted Data vulnerability in xtemos
WoodMart woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23807 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23806 (Missing Authorization vulnerability in BlueGlass Interactive
AG Jobs f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23636 (Kiteworks is a private data network (PDN). In Kiteworks Secure
Data Fo ...)
TODO: check
CVE-2026-23635 (Kiteworks is a private data network (PDN). In Kiteworks Secure
Data Fo ...)
@@ -553,99 +553,99 @@ CVE-2026-23635 (Kiteworks is a private data network
(PDN). In Kiteworks Secure D
CVE-2026-23514 (Kiteworks is a private data network (PDN). Versions 9.2.0 and
9.2.1 of ...)
TODO: check
CVE-2026-22524 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22523 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22520 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22516 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22515 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22514 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22513 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22512 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22511 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22510 (Deserialization of Untrusted Data vulnerability in
AncoraThemes Melody ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22509 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22508 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22507 (Deserialization of Untrusted Data vulnerability in
AncoraThemes Beelov ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22506 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22505 (Deserialization of Untrusted Data vulnerability in
AncoraThemes Mornin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22504 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22503 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22502 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22500 (Deserialization of Untrusted Data vulnerability in axiomthemes
m2 | Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22499 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22498 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22496 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22495 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22494 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22493 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22491 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22485 (Missing Authorization vulnerability in Ruhul Amin My Album
Gallery my- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22484 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22480 (Deserialization of Untrusted Data vulnerability in WebToffee
Product F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22448 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-20719 (Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x
<= 11.2 ...)
TODO: check
CVE-2026-20125 (A vulnerability in the HTTP Server feature of Cisco IOS
Software and C ...)
TODO: check
CVE-2026-20115 (A vulnerability in Cisco IOS XE Software for Cisco Meraki
could allow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20114 (A vulnerability in the Lobby Ambassador web-based management
API of Ci ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20113 (A vulnerability in the web-based Cisco IOx application hosting
environ ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20112 (A vulnerability in the web-based Cisco IOx application hosting
environ ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20110 (A vulnerability in the CLI of Cisco IOS XE Software could
allow an aut ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20108 (A vulnerability in the web-based management interface of Cisco
Catalys ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20104 (A vulnerability in the bootloader of Cisco IOS XE Software for
Cisco C ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20086 (A vulnerability in the processing of Control and Provisioning
of Wirel ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20084 (A vulnerability in the DHCP snooping feature of Cisco IOS XE
Software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20083 (A vulnerability in the Secure Copy Protocol (SCP) server
feature of Ci ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20012 (A vulnerability in the Internet Key Exchange version 2 (IKEv2)
feature ...)
TODO: check
CVE-2026-20004 (A vulnerability in the TLS library of Cisco IOS XE Software
could allo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-1917 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-1724 (GitLab has remediated an issue in GitLab EE affecting all
versions fro ...)
TODO: check
CVE-2026-1712 (Incorrect privilege assignment vulnerability in HYPR Server
allows Pri ...)
- TODO: check
+ NOT-FOR-US: HYPR
CVE-2026-1001 (Domoticz versions prior to 2026.1 contain a stored cross-site
scriptin ...)
TODO: check
CVE-2025-70952 (pf4j before 20c2f80 has a path traversal vulnerability in the
extract( ...)
@@ -655,11 +655,11 @@ CVE-2025-70888 (An issue in mtrojnar Osslsigncode
affected at v2.10 and before a
CVE-2025-70887 (An issue in ralphje Signify before v.0.9.2 allows a remote
attacker to ...)
TODO: check
CVE-2025-69358 (Missing Authorization vulnerability in Metagauss EventPrime
eventprime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69347 (Authorization Bypass Through User-Controlled Key vulnerability
in Conv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69096 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67030 (Directory Traversal vulnerability in the extractFile method of
org.cod ...)
TODO: check
CVE-2025-59707 (In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential
remote ...)
@@ -667,15 +667,15 @@ CVE-2025-59707 (In N2W before 4.3.2 and 4.4.x before
4.4.1, there is potential r
CVE-2025-59706 (In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper
validation of API ...)
TODO: check
CVE-2025-40842 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3contains
a Cross ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2025-40841 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3contains
a Cross ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2025-32991 (In N2WS Backup & Recovery before 4.4.0, a two-step attack
against the ...)
TODO: check
CVE-2025-27260 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3
contains an Imp ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2025-14790 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6
could allo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14595 (GitLab has remediated an issue in GitLab EE affecting all
versions fro ...)
TODO: check
CVE-2025-13436 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
@@ -683,7 +683,7 @@ CVE-2025-13436 (GitLab has remediated an issue in GitLab
CE/EE affecting all ver
CVE-2025-13078 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
TODO: check
CVE-2025-12708 (IBM Concert 1.0.0 through 2.2.0 contains hard-coded
credentials that c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-58341 (OpenCart Core 4.0.2.3 contains a SQL injection vulnerability
that allo ...)
TODO: check
CVE-2024-51348 (A stack-based buffer overflow vulnerability in the P2P API
service in ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b604b87f4e9e51e82bb673c4309d49d4b097e44
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b604b87f4e9e51e82bb673c4309d49d4b097e44
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
