Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9648dbc4 by security tracker role at 2026-05-07T07:13:51+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,19 +5,19 @@ CVE-2026-8033 (A vulnerability has been found in PicoTronica
e-Clinic Healthcare
CVE-2026-8032 (A flaw has been found in PicoTronica e-Clinic Healthcare System
ECHS 5 ...)
TODO: check
CVE-2026-7252 (The WP-Optimize \u2013 Cache, Compress images, Minify & Clean
database ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6692 (The Slider Revolution plugin for WordPress is vulnerable to
Arbitrary ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6278
REJECTED
CVE-2026-6222 (The Forminator Forms plugin for WordPress is vulnerable to
Missing Aut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6214 (The Forminator Forms plugin for WordPress is vulnerable to
Missing Aut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4807 (The Appointment Booking Calendar plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4348 (The BetterDocs Pro plugin for WordPress is vulnerable to SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-44603 (Tor before 0.4.9.7 has an out-of-bounds read by one byte via a
malform ...)
TODO: check
CVE-2026-44602 (Tor before 0.4.9.7 has a NULL pointer dereference when a CERT
cell is ...)
@@ -31,47 +31,47 @@ CVE-2026-44599 (Tor before 0.4.9.7 can attempt or accept
BEGIN_DIR via conflux l
CVE-2026-44597 (Tor before 0.4.9.7 has an out-of-bounds read when an END, a
TRUNCATE, ...)
TODO: check
CVE-2026-44118 (OpenClaw before 2026.4.22 derives loopback MCP owner context
from spoo ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44117 (OpenClaw before 2026.4.20 contains a server-side request
forgery vulne ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44116 (OpenClaw before 2026.4.22 contains a server-side request
forgery vulne ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44115 (OpenClaw before 2026.4.22 contains an exec allowlist analysis
vulnerab ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44114 (OpenClaw before 2026.4.20 fails to properly reserve the
OPENCLAW_ runt ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44113 (OpenClaw before 2026.4.22 contains a time-of-check/time-of-use
race co ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44112 (OpenClaw before 2026.4.22 contains a time-of-check/time-of-use
race co ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44111 (OpenClaw before 2026.4.15 contains an arbitrary file read
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44110 (OpenClaw before 2026.4.15 contains an authorization bypass
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-44109 (OpenClaw before 2026.4.15 contains an authentication bypass
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43585 (OpenClaw before 2026.4.15 captures resolved bearer-auth
configuration ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43584 (OpenClaw before 2026.4.10 contains an insufficient environment
variabl ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43583 (OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist
session c ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43582 (OpenClaw before 2026.4.10 contains a server-side request
forgery vulne ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43581 (OpenClaw before 2026.4.10 contains an improper network binding
vulnera ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43580 (OpenClaw before 2026.4.10 contains an incomplete navigation
guard vuln ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43579 (OpenClaw before 2026.4.10 contains an insufficient access
control vuln ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43578 (OpenClaw versions 2026.3.31 before 2026.4.10 contain a
privilege escal ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43577 (OpenClaw before 2026.4.9 contains a file read vulnerability
allowing a ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43576 (OpenClaw before 2026.4.5 contains a server-side request
forgery vulner ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-43575 (OpenClaw versions 2026.2.21 before 2026.4.10 contain an
authentication ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-42217 (OpenEXR provides the specification and reference
implementation of the ...)
TODO: check
CVE-2026-42216 (OpenEXR provides the specification and reference
implementation of the ...)
@@ -171,11 +171,11 @@ CVE-2026-40171 (In Jupyter Notebook versions 7.0.0
through 7.5.5, JupyterLab ver
CVE-2026-40076 (OpenMRS Core is an open source electronic medical record
system platfo ...)
TODO: check
CVE-2026-40004 (There exists an openssl.cnf privilege escalation vulnerability
in ZTE ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2026-40003 (ZTE ZX297520V3 BootROM contains a vulnerability that allows
arbitrary ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2026-3291 (Samsung Print Service Plugin for Android is potentially
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2026-33441
REJECTED
CVE-2026-44353
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9648dbc4c8cefd478513a496501e4e0a0de9db55
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9648dbc4c8cefd478513a496501e4e0a0de9db55
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
