Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0b5f14d8 by security tracker role at 2026-04-02T07:14:52+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2026-5325 (A vulnerability was determined in SourceCodester Simple
Customer Relat ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-5323 (A vulnerability was found in priyankark a11y-mcp up to 1.0.5.
This vul ...)
TODO: check
CVE-2026-5322 (A vulnerability has been found in AlejandroArciniegas
mcp-data-vis bc5 ...)
@@ -9,7 +9,7 @@ CVE-2026-5321 (A flaw has been found in vanna-ai vanna up to
2.0.2. Affected by
CVE-2026-5320 (A vulnerability was detected in vanna-ai vanna up to 2.0.2.
Affected b ...)
TODO: check
CVE-2026-5319 (A security vulnerability has been detected in itsourcecode
Payroll Man ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-5318 (A weakness has been identified in LibRaw up to 0.22.0. This
impacts th ...)
TODO: check
CVE-2026-5317 (A security flaw has been discovered in Nothings stb up to 1.22.
This a ...)
@@ -23,21 +23,21 @@ CVE-2026-5314 (A vulnerability was found in Nothings stb up
to 1.26. Impacted is
CVE-2026-5313 (A vulnerability has been found in Nothings stb up to 2.30. This
issue ...)
TODO: check
CVE-2026-5312 (A weakness has been identified in D-Link DNS-120, DNR-202L,
DNS-315L, ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-5311 (A security flaw has been discovered in D-Link DNS-120,
DNR-202L, DNS-3 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-4820 (IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not
set the ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-4759
REJECTED
CVE-2026-4364 (IBM Verify Identity Access Container 11.0 through 11.0.2 and
IBM Secur ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-4347 (The MW WP Form plugin for WordPress is vulnerable to arbitrary
file mo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4101 (IBM Verify Identity Access Container 11.0 through 11.0.2 and
IBM Secur ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-3987 (A path traversal vulnerability in the Fireware OS Web UI on
WatchGuard ...)
- TODO: check
+ NOT-FOR-US: WatchGuard
CVE-2026-3882
REJECTED
CVE-2026-34873 (An issue was discovered in Mbed TLS 3.5.0 through 4.0.0.
Client impers ...)
@@ -129,41 +129,41 @@ CVE-2026-32926 (V-SFT versions 6.2.10.0 and prior contain
an out-of-bounds read
CVE-2026-32925 (V-SFT versions 6.2.10.0 and prior contain a stack-based buffer
overflo ...)
TODO: check
CVE-2026-2862 (IBM Verify Identity Access Container 11.0 through 11.0.2 and
IBM Secur ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-2475 (IBM Verify Identity Access Container 11.0 through 11.0.2 and
IBM Secur ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-22815 (AIOHTTP is an asynchronous HTTP client/server framework for
asyncio an ...)
TODO: check
CVE-2026-21767 (HCL BigFix Platform is affected byinsufficient authentication.
The app ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2026-21765 (HCL BigFix Platform is affected by insecure permissions on
private cry ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2026-1540 (The Spam Protect for Contact Form 7 WordPress plugin before
1.2.10 all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1491 (IBM Verify Identity Access Container 11.0 through 11.0.2 and
IBM Secur ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-1345 (IBM Verify Identity Access Container 11.0 through 11.0.2 and
IBM Secur ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-1243 (IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to
cross- ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-66487 (IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate
limit th ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-66486 (IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML
injection ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-66485 (IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP
header in ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-66484 (IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored
cross-s ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-66483 (IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate
session aft ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-66442 (In Mbed TLS through 4.0.0, there is a compiler-induced timing
side cha ...)
TODO: check
CVE-2025-36375 (IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM
DataPow ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36373 (IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM
DataPow ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13916 (IBM Aspera Shares 1.9.9 through 1.11.0 uses weaker than
expected crypt ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-0711
REJECTED
CVE-2026-5310 (A vulnerability was identified in Enter Software Iperius Backup
up to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b5f14d896f320c79905606494da3a2bdfb8326f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b5f14d896f320c79905606494da3a2bdfb8326f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
