Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cea7b82a by security tracker role at 2026-04-03T19:14:55+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,15 +23,15 @@ CVE-2026-5462 (A vulnerability was identified in Wahoo
Fitness SYSTM App up to 7
CVE-2026-5458 (A weakness has been identified in Noelse Individuals & Pro App
up to 2 ...)
TODO: check
CVE-2026-4350 (The Perfmatters plugin for WordPress is vulnerable to arbitrary
file d ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4108 (Zohocorp ManageEngine Exchange Reporter Plus versions before
5802 are ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-4107 (Zohocorp ManageEngine Exchange Reporter Plus versions before
5802 are ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-3880 (Zohocorp ManageEngine Exchange Reporter Plus versions before
5802 are ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-3879 (Zohocorp ManageEngine Exchange Reporter Plus versions before
5802 are ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-35218 (Budibase is an open-source low-code platform. Prior to version
3.32.5, ...)
TODO: check
CVE-2026-35216 (Budibase is an open-source low-code platform. Prior to version
3.33.4, ...)
@@ -43,17 +43,17 @@ CVE-2026-32186 (Microsoft Bing Elevation of Privilege
Vulnerability)
CVE-2026-31818 (Budibase is an open-source low-code platform. Prior to version
3.33.4, ...)
TODO: check
CVE-2026-28756 (Zohocorp ManageEngine Exchange Reporter Plusversions before
5802 are v ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-28754 (Zohocorp ManageEngine Exchange Reporter Plusversions before
5802 are v ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-28736 (** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails
to valida ...)
TODO: check
CVE-2026-28703 (Zohocorp ManageEngine Exchange Reporter Plusversions before
5802 are v ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-28373 (The Stackfield Desktop App before 1.10.2 for macOS and Windows
contain ...)
TODO: check
CVE-2026-27655 (Zohocorp ManageEngine Exchange Reporter Plus versions before
5802 are ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-27124 (FastMCP is the standard framework for building MCP
applications. Prior ...)
TODO: check
CVE-2026-26477 (An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote
attacke ...)
@@ -67,7 +67,7 @@ CVE-2026-25044 (Budibase is an open-source low-code platform.
Prior to version 3
CVE-2026-25043 (Budibase is an open-source low-code platform. Prior to version
3.23.25 ...)
TODO: check
CVE-2026-0545 (In mlflow/mlflow, the FastAPI job endpoints under
`/ajax-api/3.0/jobs/ ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2025-7024 (Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA
Connec ...)
TODO: check
CVE-2025-68153 (Juju is an open source application orchestration engine that
enables a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cea7b82a6cfe3750fa8224297bd1707059a3e50b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cea7b82a6cfe3750fa8224297bd1707059a3e50b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
