Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d556f94 by security tracker role at 2026-04-01T07:14:54+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2026-5258 (A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is 
the fu ...)
        TODO: check
 CVE-2026-5257 (A vulnerability has been found in code-projects Simple Laundry 
System  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5256 (A flaw has been found in code-projects Simple Laundry System 
1.0. This ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5255 (A vulnerability was detected in code-projects Simple Laundry 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5254 (A security vulnerability has been detected in welovemedia 
FFmate up to ...)
        TODO: check
 CVE-2026-5253 (A weakness has been identified in bufanyun HotGo 1.0/2.0. 
Affected by  ...)
@@ -19,53 +19,53 @@ CVE-2026-5249 (A vulnerability was found in gougucms 
4.08.18. This impacts an un
 CVE-2026-5248 (A vulnerability has been found in gougucms 4.08.18. This 
affects the f ...)
        TODO: check
 CVE-2026-5240 (A security vulnerability has been detected in code-projects 
BloodBank  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5238 (A weakness has been identified in itsourcecode Payroll 
Management Syst ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-5237 (A security flaw has been discovered in itsourcecode Payroll 
Management ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-5236 (A vulnerability was identified in Axiomatic Bento4 up to 
1.6.0-641. Af ...)
        TODO: check
 CVE-2026-5235 (A vulnerability was determined in Axiomatic Bento4 up to 
1.6.0-641. Th ...)
        TODO: check
 CVE-2026-5215 (A vulnerability was identified in D-Link DNS-120, DNR-202L, 
DNS-315L,  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2026-5214 (A vulnerability was found in D-Link DNS-120, DNR-202L, 
DNS-315L, DNS-3 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2026-5213 (A vulnerability was determined in D-Link DNS-120, DNR-202L, 
DNS-315L,  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2026-5212 (A vulnerability has been found in D-Link DNS-120, DNR-202L, 
DNS-315L,  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2026-5211 (A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, 
DNS-320,  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2026-5210 (A vulnerability was detected in SourceCodester Leave 
Application Syste ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-5209 (A security vulnerability has been detected in SourceCodester 
Leave App ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-5206 (A security vulnerability has been detected in code-projects 
Simple Gym ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5205 (A vulnerability was identified in chatwoot up to 4.11.2. 
Affected by t ...)
        TODO: check
 CVE-2026-5204 (A vulnerability was determined in Tenda CH22 1.0.0.1. Affected 
is the  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-5203 (A vulnerability was found in CMS Made Simple up to 2.2.22. This 
impact ...)
        TODO: check
 CVE-2026-5201 (A flaw was found in the gdk-pixbuf library. This heap-based 
buffer ove ...)
        TODO: check
 CVE-2026-5198 (A vulnerability was determined in code-projects Student 
Membership Sys ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5197 (A vulnerability was found in code-projects Student Membership 
System 1 ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5196 (A vulnerability has been found in code-projects Student 
Membership Sys ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5195 (A flaw has been found in code-projects Student Membership 
System 1.0.  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-5190 (Out-of-bounds write in the streaming decoder component in 
aws-c-event- ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2026-5186 (A weakness has been identified in Nothings stb up to 2.30. This 
impact ...)
        TODO: check
 CVE-2026-4947 (Addressed a potential insecure direct object reference (IDOR) 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-4819 (In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit 
logging ...)
        TODO: check
 CVE-2026-4818 (In Search Guard FLX versions from 3.0.0 up to 4.0.1, there 
exists an i ...)
@@ -77,47 +77,47 @@ CVE-2026-4799 (In Search Guard FLX up to version 4.0.1, it 
is possible to use sp
 CVE-2026-4748 (A regression in the way hashes were calculated caused rules 
containing ...)
        TODO: check
 CVE-2026-4668 (The Booking for Appointments and Events Calendar - Amelia 
plugin for W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-4400 (Insecure Direct Object Reference (IDOR) vulnerability in 
1millionbot M ...)
        TODO: check
 CVE-2026-4399 (Prompt injection vulnerability in 1millionbot Millie chatbot 
that occu ...)
        TODO: check
 CVE-2026-4374 (Improper Restriction of XML External Entity Reference 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: RTI Connext
 CVE-2026-4317 (SQL inyection (SQLi) vulnerability in Umami Software web 
application t ...)
        TODO: check
 CVE-2026-4267 (The Query Monitor \u2013 The developer tools panel for 
WordPress plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-3831 (The Database for Contact Form 7, WPforms, Elementor forms 
plugin for W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-3780 (The application's installer runs with elevated privileges but 
resolves ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-3779 (The application's list box calculate array logic keeps stale 
reference ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-3778 (The application does not detect or guard against cyclic PDF 
object ref ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-3777 (The application does not properly validate the lifetime and 
validity o ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-3776 (The application does not validate the presence of required 
appearance  ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-3775 (The application's update service, when checking for updates, 
loads cer ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-3774 (The application allows PDF JavaScript and document/print 
actions (such ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2026-3470 (A vulnerability exists in the SonicWall Email Security 
appliance due t ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2026-3469 (A denial-of-service (DoS) vulnerability exists due to improper 
input v ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2026-3468 (A stored Cross-Site Scripting (XSS) vulnerability has been 
identified  ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2026-3356 (The MS27102A Remote Spectrum Monitor is vulnerable to an 
authenticatio ...)
        TODO: check
 CVE-2026-3308 (An integer overflow vulnerability in 'pdf-image.c' in Artifex's 
MuPDF  ...)
        TODO: check
 CVE-2026-3191 (The Minify HTML plugin for WordPress is vulnerable to 
Cross-Site Reque ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-3139 (The User Profile Builder \u2013 Beautiful User Registration 
Forms, Use ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-3107 (Stored Cross-Site Scripting (XSS) in Teampass versions prior to 
3.1.5. ...)
        TODO: check
 CVE-2026-3106 (Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 
3.1.5. ...)
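Review bot: the "NOT-FOR-US: Foxit" tags on CVE-2026-3780 through CVE-2026-3774 cannot be checked against the descriptions shown in this hunk, which only say "The application ..." and never name a vendor or product. Since the attribution evidently comes from data outside data/CVE/list, it would help to confirm it against the full CVE records, and to tag with the product name rather than only the vendor so the entry is self-explanatory to someone reading the list.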
@@ -131,9 +131,9 @@ CVE-2026-35055 (XenForo before 2.3.9 and before 2.2.18 is 
vulnerable to cross-si
 CVE-2026-35054 (XenForo before 2.3.9 is vulnerable to stored cross-site 
scripting (XSS ...)
        TODO: check
 CVE-2026-34887 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-34784 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34740 (WWBN AVideo is an open source video platform. In versions 26.0 
and pri ...)
        TODO: check
 CVE-2026-34739 (WWBN AVideo is an open source video platform. In versions 26.0 
and pri ...)
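Review bot: CVE-2026-34887 is marked "NOT-FOR-US: WordPress plugin or theme", but the visible description is only the generic weakness title ("Improper Neutralization of Input During Web Page Generation ('Cross-si ...)") with no product named, so the classification is not verifiable from this hunk. The label also differs from the "NOT-FOR-US: WordPress plugin" string used for the other WordPress entries in this commit; if the full record identifies which of the two it is, the more specific reason would keep the list consistent.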
@@ -157,15 +157,15 @@ CVE-2026-34611 (WWBN AVideo is an open source video 
platform. In versions 26.0 a
 CVE-2026-34605 (SiYuan is a personal knowledge management system. From version 
3.6.0 t ...)
        TODO: check
 CVE-2026-34595 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34586 (PdfDing is a selfhosted PDF manager, viewer and editor 
offering a seam ...)
        TODO: check
 CVE-2026-34585 (SiYuan is a personal knowledge management system. Prior to 
version 3.6 ...)
        TODO: check
 CVE-2026-34574 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34573 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34556 (iccDEV provides a set of libraries and tools for working with 
ICC colo ...)
        TODO: check
 CVE-2026-34555 (iccDEV provides a set of libraries and tools for working with 
ICC colo ...)
@@ -207,19 +207,19 @@ CVE-2026-34534 (iccDEV provides a set of libraries and 
tools for working with IC
 CVE-2026-34533 (iccDEV provides a set of libraries and tools for working with 
ICC colo ...)
        TODO: check
 CVE-2026-34532 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34509 (OpenClaw before 2026.3.8 contains a sender allowlist bypass 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-34508 (OpenClaw before 2026.3.12 applies rate limiting only after 
webhook aut ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-34506 (OpenClaw before 2026.3.8 contains a sender allowlist bypass 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-34505 (OpenClaw before 2026.3.12 applies rate limiting only after 
successful  ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-34504 (OpenClaw before 2026.3.28 contains a server-side request 
forgery vulne ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-34503 (OpenClaw before 2026.3.28 fails to disconnect active WebSocket 
session ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-34453 (SiYuan is a personal knowledge management system. Prior to 
version 3.6 ...)
        TODO: check
 CVE-2026-34452 (The Claude SDK for Python provides access to the Claude API 
from Pytho ...)
@@ -265,7 +265,7 @@ CVE-2026-34381 (Admidio is an open-source user management 
solution. From version
 CVE-2026-34377 (ZEBRA is a Zcash node written entirely in Rust. Prior to 
zebrad versio ...)
        TODO: check
 CVE-2026-34373 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34372 (Sulu is an open-source PHP content management system based on 
the Symf ...)
        TODO: check
 CVE-2026-34367 (InvoiceShelf is an open-source web & mobile app that helps 
track expen ...)
@@ -275,7 +275,7 @@ CVE-2026-34366 (InvoiceShelf is an open-source web & mobile 
app that helps track
 CVE-2026-34365 (InvoiceShelf is an open-source web & mobile app that helps 
track expen ...)
        TODO: check
 CVE-2026-34363 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34361 (HAPI FHIR is a complete implementation of the HL7 FHIR 
standard for he ...)
        TODO: check
 CVE-2026-34360 (HAPI FHIR is a complete implementation of the HL7 FHIR 
standard for he ...)
@@ -295,7 +295,7 @@ CVE-2026-34231 (Slippers is a UI component framework for 
Django. Prior to versio
 CVE-2026-34227 (Sliver is a command and control framework that uses a custom 
Wireguard ...)
        TODO: check
 CVE-2026-34224 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34221 (MikroORM is a TypeScript ORM for Node.js based on Data Mapper, 
Unit of ...)
        TODO: check
 CVE-2026-34220 (MikroORM is a TypeScript ORM for Node.js based on Data Mapper, 
Unit of ...)
@@ -305,7 +305,7 @@ CVE-2026-34219 (libp2p-rust is the official rust language 
Implementation of the
 CVE-2026-34218 (ClearanceKit intercepts file-system access events on macOS and 
enforce ...)
        TODO: check
 CVE-2026-34215 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2026-34214 (Trino is a distributed SQL query engine for big data 
analytics. From v ...)
        TODO: check
 CVE-2026-34210 (mppx is a TypeScript interface for machine payments protocol. 
Prior to ...)
@@ -337,77 +337,77 @@ CVE-2026-34155 (RAUC controls the update process on 
embedded Linux systems. Prio
 CVE-2026-33762 (go-git is an extensible git implementation library written in 
pure Go. ...)
        TODO: check
 CVE-2026-33581 (OpenClaw before 2026.3.24 contains a sandbox bypass 
vulnerability in t ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-33580 (OpenClaw before 2026.3.28 contains a missing rate limiting 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-33579 (OpenClaw before 2026.3.28 contains a privilege escalation 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-33578 (OpenClaw before 2026.3.28 contains a sender policy bypass 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-33577 (OpenClaw before 2026.3.28 contains an insufficient scope 
validation vu ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-33576 (OpenClaw before 2026.3.28 downloads and stores inbound media 
from Zalo ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-33415 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-33300 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-33276 (Stored cross-site scripting (XSS) in Checkmk 2.5.0 (beta) 
before 2.5.0 ...)
        TODO: check
 CVE-2026-33185 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-33074 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-33073 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32988 (OpenClaw before 2026.3.11 contains a sandbox boundary bypass 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32982 (OpenClaw before 2026.3.13 contains an information disclosure 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32977 (OpenClaw before 2026.3.11 contains a sandbox boundary bypass 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32976 (OpenClaw before 2026.3.11 contains an authorization bypass 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32971 (OpenClaw before 2026.3.11 contains an approval-integrity 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32970 (OpenClaw before 2026.3.11 contains a credential fallback 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32951 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32921 (OpenClaw before 2026.3.8 contains an approval bypass 
vulnerability in  ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32920 (OpenClaw before 2026.3.12 automatically discovers and loads 
plugins fr ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32917 (OpenClaw before 2026.3.13 contains a remote command injection 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32916 (OpenClaw versions 2026.3.7 before 2026.3.11 contain an 
authorization b ...)
-       TODO: check
+       NOT-FOR-US: OpenClaw
 CVE-2026-32726 (SciTokens C++ is a minimal library for creating and using 
SciTokens fr ...)
        TODO: check
 CVE-2026-32725 (SciTokens C++ is a minimal library for creating and using 
SciTokens fr ...)
        TODO: check
 CVE-2026-32620 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32619 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32618 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32615 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32607 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32273 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32243 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32143 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-32113 (Discourse is an open-source discussion platform. From versions 
2026.1. ...)
-       TODO: check
+       NOT-FOR-US: Discourse
 CVE-2026-30521 (A Business Logic vulnerability exists in SourceCodester Loan 
Managemen ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30520 (A Blind SQL Injection vulnerability exists in SourceCodester 
Loan Mana ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-30314 (Ridvay Code's command auto-approval module contains a critical 
OS comm ...)
        TODO: check
 CVE-2026-30312 (DSAI-Cline's command auto-approval module contains a critical 
OS comma ...)
@@ -445,13 +445,13 @@ CVE-2026-30276 (An arbitrary file overwrite vulnerability 
in DeftPDF Document Tr
 CVE-2026-2950 (Impact:  Lodash versions 4.17.23 and earlier are vulnerable to 
prototy ...)
        TODO: check
 CVE-2026-2696 (The Export All URLs WordPress plugin before 5.1 generates CSV 
filename ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2480 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-2394 (Buffer Over-read vulnerability in RTI Connext Professional 
(Core Libra ...)
-       TODO: check
+       NOT-FOR-US: RTI Connext
 CVE-2026-2123 (A security audit identified a privilege escalation 
vulnerability in Op ...)
-       TODO: check
+       NOT-FOR-US: OpenText
 CVE-2026-29870 (A directory traversal vulnerability in the 
agentic-context-engine proj ...)
        TODO: check
 CVE-2026-24165 (NVIDIA BioNeMo contains a vulnerability where a user could 
cause a des ...)
@@ -465,7 +465,7 @@ CVE-2026-24153 (NVIDIA Jetson Linux has a vulnerability in 
initrd, where the nvl
 CVE-2026-24148 (NVIDIA Jetson for JetPack contains a vulnerability in the 
system initi ...)
        TODO: check
 CVE-2026-22569 (An incorrect startup configuration of affected versions of 
Zscaler Cli ...)
-       TODO: check
+       NOT-FOR-US: Zscaler
 CVE-2026-22561 (Uncontrolled search path elements in Anthropic Claude for 
Windows inst ...)
        TODO: check
 CVE-2026-20915 (Stored cross-site scripting (XSS) in Checkmk version 2.5.0 
(beta) befo ...)
@@ -473,7 +473,7 @@ CVE-2026-20915 (Stored cross-site scripting (XSS) in 
Checkmk version 2.5.0 (beta
 CVE-2026-1579 (The MAVLink communication protocol does not require 
cryptographic  aut ...)
        TODO: check
 CVE-2026-0596 (A command injection vulnerability exists in mlflow/mlflow when 
serving ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2025-71282 (XenForo before 2.3.7 discloses filesystem paths through 
exception mess ...)
        TODO: check
 CVE-2025-71281 (XenForo before 2.3.7 does not properly restrict methods 
callable from  ...)
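Review bot: CVE-2026-0596 is tagged "NOT-FOR-US: mlflow" on the strength of a description that points at an open-source repository ("mlflow/mlflow"), not a proprietary product. For entries of this kind NOT-FOR-US only holds while nothing in the archive packages or vendors the project, so a quick check for an existing package or a pending ITP/RFP before accepting the automatic tag would be prudent; if one exists, the entry should carry an itp or package line instead.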
@@ -493,17 +493,17 @@ CVE-2025-41356 (Reflected Cross-Site Scripting (XSS) 
vulnerability in Anon Proxy
 CVE-2025-41355 (Reflected Cross-Site Scripting (XSS) vulnerability in Anon 
Proxy Serve ...)
        TODO: check
 CVE-2025-15484 (The Order Notification for WooCommerce  WordPress plugin 
before 3.6.3  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14213 (Cato Networks\u2019 Socket versions prior to 25 contain a 
command inje ...)
-       TODO: check
+       NOT-FOR-US: Cato
 CVE-2025-13855 (IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus 
Server is vu ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-10559 (A Path Traversal vulnerability affecting Factory Resource 
Management i ...)
-       TODO: check
+       NOT-FOR-US: Dassault Systemes
 CVE-2025-10553 (A Stored Cross-site Scripting (XSS) vulnerability affecting 
Factory Re ...)
-       TODO: check
+       NOT-FOR-US: Dassault Systemes
 CVE-2025-10551 (A Stored Cross-site Scripting (XSS) vulnerability affecting 
Document M ...)
-       TODO: check
+       NOT-FOR-US: Dassault Systemes
 CVE-2024-58342 (XenForo before 2.2.17 and 2.3.1 allows open redirect via a 
specially c ...)
        TODO: check
 CVE-2026-34956
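Review bot: "NOT-FOR-US: Cato" on CVE-2025-14213 shortens the vendor that the description gives as "Cato Networks\u2019 Socket"; writing "NOT-FOR-US: Cato Networks" would match how the other vendors in this hunk (IBM, Dassault Systemes) are spelled out and avoids an ambiguous one-word reason. The three Dassault Systemes entries are tagged by vendor while their descriptions name distinct products ("Factory Resource Management", "Document M ..."), which is fine as long as vendor-level tagging is intended for that vendor.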



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d556f94564c09f8ff470fb0adde0e0bf07890d2
