Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b3841a9b by security tracker role at 2026-05-21T19:14:31+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2026-9157 (Improper input validation, Unrestricted upload
of file with dange
CVE-2026-9089 (The ConnectWise Automate\u2122 Agent does not fully verify the
authent ...)
TODO: check
CVE-2026-5434 (Honeywell Control Network Module (CNM)contains insertion of
sensitive ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2026-5433 (Honeywell Control Network Module (CNM)contains command
injection vulne ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2026-5118 (The Divi Form Builder plugin for WordPress is vulnerable to
privilege ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4858 (Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x
<= 11.4 ...)
TODO: check
CVE-2026-4055 (Mattermost versions 11.5.x <= 11.5.1 fail to validate
team-level run_c ...)
@@ -87,7 +87,7 @@ CVE-2026-48214 (Open ISES Tickets before 3.44.2 contains a
reflected cross-site
CVE-2026-48213 (Open ISES Tickets before 3.44.2 contains a reflected
cross-site script ...)
TODO: check
CVE-2026-48207 (Deserialization of untrusted data in Apache Fory PyFory.
PyFory's Redu ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-45760 ((Externally Controlled Reference to a Resource in Another
Sphere), (Au ...)
TODO: check
CVE-2026-45255 (When bsdinstall or bsdconfig are prompted to scan for nearby
Wi-Fi net ...)
@@ -101,37 +101,37 @@ CVE-2026-45252 (When a fusefs file system implements
extended attributes, the ke
CVE-2026-45251 (A file descriptor can be closed while a thread is blocked in a
poll(2) ...)
TODO: check
CVE-2026-45208 (A time-of-check time-of-use vulnerability in the Apex One/SEP
agent co ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-45207 (An origin validation vulnerability in the Apex One/SEP agent
could all ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-45206 (An origin validation vulnerability in the Apex One/SEP agent
could all ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-39593 (Missing Authorization vulnerability in VillaTheme HAPPY allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39531 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39461 (libcasper(3) communicates with helper processes via UNIX
domain socket ...)
TODO: check
CVE-2026-36189 (Buffer Overflow vulnerability in Uncrustify Project Affected
v.Uncrust ...)
TODO: check
CVE-2026-34930 (An origin validation vulnerability in the Apex One/SEP agent
could all ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-34929 (An origin validation vulnerability in the Apex One/SEP agent
could all ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-34928 (An origin validation vulnerability in the Apex One/SEP agent
could all ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-34927 (An origin validation vulnerability in the Apex One/SEP agent
could all ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-34926 (A directory traversal vulnerability in the Apex One
(on-premise) serve ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2026-2740 (Zohocorp ManageEngine ADSelfService Plus version before 6525,
DataSecu ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2026-28764 (MediaArea MediaInfoLib LXF element parsing heap-based buffer
overflow ...)
TODO: check
CVE-2026-27393 (Missing Authorization vulnerability in Tobias CF7 WOW Styler
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27349 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22880 (Mattermost Mobile Apps versions <=2.37 11.4 2.0.37 11.0.4
11.1.3 11.3. ...)
TODO: check
CVE-2026-1816 (Improper restriction of excessive authentication attempts
vulnerabilit ...)
@@ -141,21 +141,21 @@ CVE-2026-1815 (Insufficient session expiration
vulnerability in Turkiye Electric
CVE-2026-0393 (The affected product may expose credentials remotely between
low privi ...)
TODO: check
CVE-2025-71217 (An origin validation error vulnerability in the Trend Micro
Apex One ( ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-71216 (A time-of-check time-of-use vulnerability in the Trend Micro
Apex One ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-71215 (A time-of-check time-of-use vulnerability in the Trend Micro
Apex One ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-71214 (An origin validation error vulnerability in the Trend Micro
Apex One ( ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-71213 (An origin validation error vulnerability in Trend Micro Apex
One could ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-71212 (A link following vulnerability in the Trend Micro Apex One
scan engine ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-71211 (A vulnerability in the Trend Micro Apex One management console
could a ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-71210 (A vulnerability in the Trend Micro Apex One management console
could a ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2025-13479 (Authorization bypass through User-Controlled key vulnerability
in PosC ...)
TODO: check
CVE-2025-13477 (Exposure of private personal information to an unauthorized
actor, Ins ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3841a9b28426e2d360a2621b922f08988780791
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3841a9b28426e2d360a2621b922f08988780791
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
