Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0bddef55 by Moritz Muehlenhoff at 2026-05-06T12:46:06+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -222,7 +222,7 @@ CVE-2026-7857 (A vulnerability has been found in D-Link
DI-8100 16.07.26A1. This
CVE-2026-7856 (A flaw has been found in D-Link DI-8100 16.07.26A1. This
affects an un ...)
NOT-FOR-US: D-Link
CVE-2026-7573 (An authorization bypass (CWE-639) in the GetUserRoles gRPC API
endpoin ...)
- TODO: check
+ NOT-FOR-US: Velociraptor
CVE-2026-7572 (An off-by-one error (CWE-193) in the ConsumeUnit16Array and
ConsumeUni ...)
NOT-FOR-US: Velociraptor
CVE-2026-5753 (The All-in-One WP Migration Unlimited Extension plugin for
WordPress i ...)
@@ -295,7 +295,7 @@ CVE-2026-33489 (CoreDNS is a DNS server that chains
plugins. In versions prior t
CVE-2026-33420 (Vaultwarden is a Bitwarden-compatible server written in Rust.
In versi ...)
- vaultwarden <itp> (bug #1067023)
CVE-2026-33324 (SQLBot is an intelligent Text-to-SQL system based on large
language mo ...)
- TODO: check
+ NOT-FOR-US: SQLBot
CVE-2026-33190 (CoreDNS is a DNS server that chains plugins. In versions prior
to 1.14 ...)
- coredns <itp> (bug #880676)
CVE-2026-32936 (CoreDNS is a DNS server that chains plugins. In versions prior
to 1.14 ...)
@@ -303,11 +303,11 @@ CVE-2026-32936 (CoreDNS is a DNS server that chains
plugins. In versions prior t
CVE-2026-32934 (CoreDNS is a DNS server that chains plugins. In versions prior
to 1.14 ...)
- coredns <itp> (bug #880676)
CVE-2026-32699 (FacturaScripts is an open source accounting and invoicing
software. In ...)
- TODO: check
+ NOT-FOR-US: FacturaScripts
CVE-2026-32603 (Sandboxie is an open source sandbox-based isolation software
for Windo ...)
- TODO: check
+ NOT-FOR-US: Sandboxie
CVE-2026-31893 (Tunnelblick is an open source graphic user interface for
OpenVPN on ma ...)
- TODO: check
+ NOT-FOR-US: Tunnelblick
CVE-2026-2306 (The Ninja Tables \u2013 Easy Data Table Builder plugin for
WordPress i ...)
NOT-FOR-US: WordPress plugin
CVE-2025-71256 (In nr modem, there is a possible improper input validation.
This could ...)
@@ -323,7 +323,7 @@ CVE-2025-71252 (In Modem IMS, there is a possible improper
input validation. Thi
CVE-2025-71251 (In IMS, there is a possible system crash due to improper input
validat ...)
NOT-FOR-US: Unisoc
CVE-2024-52911 (Bitcoin Core through 28.x has a security issue, the details of
which a ...)
- TODO: check
+ - bitcoin <removed>
CVE-2026-39852 (Quarkus is a Java framework for building cloud-native
applications. In ...)
NOT-FOR-US: Quarkus
CVE-2026-28780 (Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of
Apache HT ...)
@@ -451,7 +451,7 @@ CVE-2026-38428 (Kestra v1.3.3 and before is vulnerable to
SQL Injection. The vul
CVE-2026-36356 (The GoAhead web server on MeiG Smart FORGE_SLT711 devices
(firmware MD ...)
NOT-FOR-US: MeiG Smart FORGE_SLT711 devices
CVE-2026-36355 (The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x
Jungle SDK (a ...)
- TODO: check
+ NOT-FOR-US: Realtek
CVE-2026-34408 (An issue was discovered in Gambio 4.9.2.0 (patched in 2024-02
v1.0.0 f ...)
NOT-FOR-US: Gambio
CVE-2026-32689 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
@@ -2539,7 +2539,7 @@ CVE-2026-7512 (A flaw has been found in UTT HiPER 1200GW
up to 2.5.3-1703. The a
CVE-2026-7510 (A vulnerability was determined in OWAP DefectDojo up to 2.55.4.
Affect ...)
NOT-FOR-US: OWAP DefectDojo
CVE-2026-7508 (A vulnerability was found in Bootstrap CMS 0.9.0-alpha.
Affected is an ...)
- TODO: check
+ NOT-FOR-US: Bootstrap CMS
CVE-2026-7506 (A vulnerability has been found in SourceCodester Hotel
Management Syst ...)
NOT-FOR-US: SourceCodester
CVE-2026-7505 (A flaw has been found in nextlevelbuilder GoClaw and GoClaw
Lite up to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bddef55d3cf5241d491fe40d681d1b8f828acaf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bddef55d3cf5241d491fe40d681d1b8f828acaf
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
