Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2ac18435 by security tracker role at 2026-05-28T19:14:09+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,9 +13,9 @@ CVE-2026-9804 (A flaw was found in KubeVirt's
virt-exportserver component. An at
CVE-2026-9658 (Plack::Middleware::Security::Common versions before 0.13.1 for
Perl di ...)
TODO: check
CVE-2026-9618 (The PeachPay \u2014 Payments & Express Checkout for WooCommerce
(suppo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9227 (The GutenBee \u2013 Gutenberg Blocks plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9098 (In Casdoor versions 2.362.0 and earlier, the SAML callback
handler in ...)
TODO: check
CVE-2026-9097 (Casdoor versions 2.362.0 and earlier do not verify that a JWT
used for ...)
@@ -35,7 +35,7 @@ CVE-2026-9091 (Casdoor versions 2.362.0 and earlier contain a
logic flaw in the
CVE-2026-9090 (Casdoor versions 2.362.0 and earlier contain a vulnerability
that allo ...)
TODO: check
CVE-2026-9015 (The Equalize Digital Accessibility Checker \u2013 WCAG, ADA,
EAA and S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8990 (A user with physical access to a smartphone can
bypassauthentication m ...)
TODO: check
CVE-2026-8980 (The Mennekes Amtron series (firmware versions \u2264 5.22.3) is
vulner ...)
@@ -43,47 +43,47 @@ CVE-2026-8980 (The Mennekes Amtron series (firmware
versions \u2264 5.22.3) is v
CVE-2026-8979 (The Mennekes Amtron series (firmware versions \u2264 5.22.3) is
vulner ...)
TODO: check
CVE-2026-8697 (Due to improper enforcement of authentication rate-limiting on
a debug ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-8689 (The Visualizer: Tables and Charts Manager for WordPress plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8682 (The 3D Viewer \u2013 3D Model Viewer \u2013 Augmented Reality
\u2013 V ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7862 (The Eupago Gateway For Woocommerce WordPress plugin before
4.7.2 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7797 (The Appointment Booking Calendar \u2014 Simply Schedule
Appointments B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7660 (The Easy Updates Manager plugin for WordPress is vulnerable to
Reflect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7651 (The User Registration & Membership \u2013 Free & Paid
Memberships, Sub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7634 (The SlimStat Analytics plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7621 (The SMTP2GO for WordPress \u2013 Email Made Easy plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7552 (The Geo Mashup plugin for WordPress is vulnerable to
authorization byp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7526 (The PDF Embedder plugin for WordPress is vulnerable to
Sensitive Infor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7052 (The HT Contact Form \u2013 Drag & Drop Form Builder for
WordPress plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7048 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6937 (The Appointment Booking Calendar \u2014 Simply Schedule
Appointments B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6720 (When calicoctl is invoked with --log-level=info or
--log-level=debug, ...)
TODO: check
CVE-2026-6455 (The WP Contact Form 7 DB Handler plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6427 (The a3 Lazy Load plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6226 (The Frontend Admin by DynamiApps plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4944 (vllm-project/vllm version 0.14.1 contains a vulnerability where
the `t ...)
TODO: check
CVE-2026-4377 (DlinkDWR-X1820 router uses weak default password generated from
its IM ...)
TODO: check
CVE-2026-4334 (The Shariff Wrapper plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-49238 (An issue was discovered in Canonical Multipass before version
1.16.3. ...)
TODO: check
CVE-2026-49237 (An issue was discovered in Canonical Multipass for macOS
before versio ...)
@@ -285,7 +285,7 @@ CVE-2026-35672 (phpMyFAQ before 4.1.3 contains an
authentication bypass vulnerab
CVE-2026-35671 (phpMyFAQ before 4.1.3 contains an insecure direct object
reference vul ...)
TODO: check
CVE-2026-34126 (TP-Link has identified a vulnerability in Tapo L535E v1.0 and
v3.0, Ta ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-30761 (An arbitrary file upload vulnerability in the
pages/admin.uploadmapimg ...)
TODO: check
CVE-2026-30760 (An issue in SourceBans Material Admin before v.1.1.6 (3ecd95e)
allows ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac1843508d2a212f0f3e7da7e1415b9f44b5490
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac1843508d2a212f0f3e7da7e1415b9f44b5490
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
