Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76e3fa0a by security tracker role at 2026-06-01T19:20:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
CVE-2026-9614 (An Improper Access Control vulnerability in IvantiNeurons
forITSM(clou ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2026-9330 (IBM WebSphere Application Server 9.0, and 8.5 is affected by an
improp ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-9319 (IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to
potenti ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-9311 (IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to
remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-9309 (Firefox for iOS Reader View did not properly escape HTML tags
in JSON- ...)
TODO: check
CVE-2026-9308 (Firefox for iOS Reader View replaced page content in its HTML
template ...)
TODO: check
CVE-2026-9024 (A Stored Cross-site Scripting (XSS) vulnerability affecting
Process Ex ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2026-8931 (A critical Remote Code Execution (RCE) vulnerability exists in
Disig W ...)
TODO: check
CVE-2026-8644 (IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to
identit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-8501 (Improper access control in the PCTCore64.sys Windows kernel
driver fro ...)
TODO: check
CVE-2026-8474 (A vulnerability was discovered on Stormshield Network Security
...)
TODO: check
CVE-2026-7858 (A Deserialization of Untrusted Data vulnerability affecting
Teamwork C ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2026-7770 (IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access
Client Solut ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-49361 (Apache Fluss versions prior to 0.9.1 configure the Netty
LengthFieldBa ...)
TODO: check
CVE-2026-49270 (Exposure of Sensitive Information Through Metadata
vulnerability in Ap ...)
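Review bot: CVE-2026-9309 and CVE-2026-9308 (Firefox for iOS Reader View) and CVE-2026-8501 (PCTCore64.sys Windows kernel driver) stay at TODO: check in this hunk, although the visible descriptions already name an iOS application and a Windows kernel driver. They look like candidates for the same NOT-FOR-US treatment as the Ivanti and IBM entries around them; a manual pass over the leftovers in this range would close them out.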
@@ -33,13 +33,13 @@ CVE-2026-49157 (Incorrect Default Permissions vulnerability
in Apache ActiveMQ.
CVE-2026-49121 (AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an
unauthent ...)
TODO: check
CVE-2026-48879 (Incorrect Privilege Assignment vulnerability in Sergey AIWU
allows Pri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48866 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48865 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48839 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48559 (Lightweight Music Server (LMS) though 3.76.0 contains a stored
cross-s ...)
TODO: check
CVE-2026-48210 (An improper default configuration in OTRS 2026.3.1 causes
ticket artic ...)
@@ -59,7 +59,7 @@ CVE-2026-48188 (An improper Input Validation vulnerability in
OTRS or ((OTRS)) C
CVE-2026-48187 (An uncontrolled allocation of resources without limits or
throttling i ...)
TODO: check
CVE-2026-47294 (Deserialization of untrusted data in Microsoft Office
SharePoint allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-46605 (Incomplete authorization by Apache ActiveMQ server before
versions v6. ...)
TODO: check
CVE-2026-45810 (Nextcloud is an open source content collaboration platform. In
Nextclo ...)
@@ -141,31 +141,31 @@ CVE-2026-43624 (F5-TTS through version 1.1.20 contains a
path traversal vulnerab
CVE-2026-43623 (microtar through 0.1.0 contains a stack-based buffer overflow
vulnerab ...)
TODO: check
CVE-2026-42683 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42682 (Missing Authorization vulnerability in Tomdever wpForo Forum
allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42681 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42680 (Incorrect Privilege Assignment vulnerability in Wasiliy
Strecker / Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42679 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42678 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42677 (Missing Authorization vulnerability in Ben Balter WP Document
Revision ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42676 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42675 (Missing Authorization vulnerability in Themefic Hydra Booking
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42674 (Authentication Bypass by Spoofing vulnerability in AAM Plugin
Advanced ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42673 (Insertion of Sensitive Information Into Sent Data
vulnerability in Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42672 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42671 (Missing Authorization vulnerability in Paolo GeoDirectory
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42588 (Improper Input Validation, Improper Control of Generation of
Code ('Co ...)
TODO: check
CVE-2026-42253 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -225,7 +225,7 @@ CVE-2026-37221 (FlexRIC v2.0.0 crashes when receiving a
RIC_SUBSCRIPTION_RESPONS
CVE-2026-37220 (FlexRIC v2.0.0 crashes when an SCTP association is closed
before an E2 ...)
TODO: check
CVE-2026-34193 (Kernel software installed and running inside a Guest/Host VM
may post ...)
- TODO: check
+ NOT-FOR-US: Imagination Technologies
CVE-2026-32325 (Privilege chaining issue exists in ServerView Agents for
Windows V11.6 ...)
TODO: check
CVE-2026-30963 (Capsule is a multi-tenancy and policy-based framework for
Kubernetes. ...)
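Review bot: the NOT-FOR-US: Imagination Technologies tag on CVE-2026-34193 cannot be cross-checked from this hunk, because the truncated description only says "Kernel software installed and running inside a Guest/Host VM" and names no vendor or product. Since the text concerns kernel code, confirm against the full CVE record that the affected component is not carried in a Debian kernel package before leaving it as NOT-FOR-US.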
@@ -241,15 +241,15 @@ CVE-2026-23638 (Kiteworks is a private data network
(PDN). Prior to version 9.3.
CVE-2026-22872 (Capsule is a multi-tenancy and policy-based framework for
Kubernetes. ...)
TODO: check
CVE-2026-20456 (In wlan STA driver, there is a possible system crash due to a
missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20455 (In geniezone, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20454 (In geniezone, there is a possible out of bounds write due to a
race co ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20453 (In geniezone, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20452 (In wlan AP driver, there is a possible memory corruption due
to a heap ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-10533 (A flaw was found in OpenShift Container Platform. Completed
pods with ...)
TODO: check
CVE-2026-10532 (Deserialization of untrusted data vulnerability in QOS.CH Sarl
logback ...)
@@ -283,7 +283,7 @@ CVE-2026-10272 (A vulnerability has been found in a4m4
Student-Management-System
CVE-2026-10271 (A flaw has been found in a4m4 Student-Management-System up to
f0c5f684 ...)
TODO: check
CVE-2026-10270 (A vulnerability was detected in D-Link DI-7001 MINI up to
19.09.19A1. ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-10269 (A security vulnerability has been detected in decolua 9router
up to 0. ...)
TODO: check
CVE-2026-10268 (A weakness has been identified in janet-lang janet up to
1.41.0. This ...)
@@ -291,11 +291,11 @@ CVE-2026-10268 (A weakness has been identified in
janet-lang janet up to 1.41.0.
CVE-2026-10267 (A security flaw has been discovered in janet-lang janet up to
1.41.0. ...)
TODO: check
CVE-2026-10265 (A vulnerability was identified in itsourcecode Content
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10264 (A vulnerability was determined in lharries whatsapp-mcp 0.0.1.
Affecte ...)
TODO: check
CVE-2026-10263 (A vulnerability was found in SourceCodester Computer Repair
Shop Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10262 (A vulnerability has been found in code-projects Real State
Services 1. ...)
TODO: check
CVE-2026-10261 (A flaw has been found in CodeAstro Online Job Portal 1.0. This
affects ...)
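Review bot: CVE-2026-10262 (code-projects Real State Services) and CVE-2026-10261 (CodeAstro Online Job Portal) are left at TODO: check at the end of this hunk, while the same commit tags other code-projects and CodeAstro entries (CVE-2026-10243, CVE-2026-10235) as NOT-FOR-US. If the automatic matcher keys on product names, these two products are missing from its list; tag them by hand or extend the pattern so sibling entries are not triaged twice.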
@@ -305,39 +305,39 @@ CVE-2026-10260 (A vulnerability was detected in CodeAstro
Online Job Portal 1.0.
CVE-2026-10259 (A security vulnerability has been detected in H3C Magic B0 up
to 100R0 ...)
TODO: check
CVE-2026-10258 (A weakness has been identified in itsourcecode Content
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10257 (A security flaw has been discovered in itsourcecode Content
Management ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10256 (A vulnerability was identified in itsourcecode Content
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10255 (A vulnerability has been found in SourceCodester Pharmacy
Sales and In ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10254 (A flaw has been found in SourceCodester Pet Grooming
Management Softwa ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10253 (A vulnerability was detected in itsourcecode Online House
Rental Syste ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10252 (A security vulnerability has been detected in itsourcecode
Online Hous ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10251 (A weakness has been identified in itsourcecode Online House
Rental Sys ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10250 (A security flaw has been discovered in itsourcecode Online
Blood Bank ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10249 (A vulnerability was identified in itsourcecode Online Blood
Bank Manag ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10248 (A vulnerability was determined in SourceCodester Pharmacy
Sales and In ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10247 (A vulnerability was found in SourceCodester Pharmacy Sales and
Invento ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10246 (A vulnerability has been found in SourceCodester Pharmacy
Sales and In ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10245 (A flaw has been found in SourceCodester Pharmacy Sales and
Inventory S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10244 (A vulnerability was detected in SourceCodester Pharmacy Sales
and Inve ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10243 (A security vulnerability has been detected in code-projects
Smart Park ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-10242 (A weakness has been identified in itsourcecode Content
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10241 (A security flaw has been discovered in jeecgboot The server
processes ...)
TODO: check
CVE-2026-10240 (A vulnerability was identified in JeecgBoot up to 3.9.2. The
impacted ...)
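Review bot: the tag NOT-FOR-US: itsourcecode System is applied in this hunk to entries whose descriptions name a content management, a house rental and a blood bank product, while the neighbouring entries use a bare vendor name (NOT-FOR-US: SourceCodester, NOT-FOR-US: code-projects). "itsourcecode System" is neither the vendor nor any one product name; NOT-FOR-US: itsourcecode would be consistent with the other tags and easier to grep.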
@@ -345,11 +345,11 @@ CVE-2026-10240 (A vulnerability was identified in
JeecgBoot up to 3.9.2. The imp
CVE-2026-10239 (A vulnerability was determined in JeecgBoot up to 3.9.2. The
affected ...)
TODO: check
CVE-2026-10237 (A vulnerability was found in SourceCodester Water Billing
Management S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10236 (A vulnerability has been found in SourceCodester Water Billing
Managem ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10235 (A flaw has been found in CodeAstro Ingredients Stock
Management System ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2026-10234 (A vulnerability was detected in Mettle sendportal up to 3.0.1.
This af ...)
TODO: check
CVE-2026-10233 (A security vulnerability has been detected in Assimp up to
6.0.4. Affe ...)
@@ -389,7 +389,7 @@ CVE-2026-10217 (A flaw has been found in nextlevelbuilder
GoClaw up to 3.11.3. T
CVE-2026-10216 (A vulnerability was detected in unitedbyai droidclaw up to
0.5.3. The ...)
TODO: check
CVE-2026-10215 (A security vulnerability has been detected in Dolibarr ERP CRM
up to 2 ...)
- TODO: check
+ NOT-FOR-US: Dolibarr
CVE-2026-10214 (A weakness has been identified in zhayujie chatgpt-on-wechat
up to 2.0 ...)
TODO: check
CVE-2026-10213 (A security flaw has been discovered in AstrBotDevs AstrBot
4.23.6. Thi ...)
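Review bot: NOT-FOR-US: Dolibarr on CVE-2026-10215 states that Dolibarr ERP CRM is not something Debian ships, and nothing in this automatic update shows that the archive history was checked. If a dolibarr source package exists or was removed, the entry needs a package line (with the <removed> marker in the latter case) instead of NOT-FOR-US.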
@@ -401,11 +401,11 @@ CVE-2026-10211 (A vulnerability was determined in
AstrBotDevs AstrBot 4.23.6. Af
CVE-2026-10210 (A vulnerability was found in AstrBotDevs AstrBot 4.23.6.
Affected by t ...)
TODO: check
CVE-2026-10209 (A vulnerability has been found in code-projects Online
Hospital Manage ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-10208 (A flaw has been found in code-projects Online Hospital
Management Syst ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-10206 (A vulnerability was detected in D-Link DI-8400 up to
16.07.26A1. This ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-10205 (A security vulnerability has been detected in Metasoft
\u7f8e\u7279\u8 ...)
TODO: check
CVE-2026-10204 (A weakness has been identified in OFCMS 1.1.3. The affected
element is ...)
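Review bot: the context line for CVE-2026-10205 carries literal \u7f8e\u7279\u8 escape sequences, cut off mid-escape by the description truncation. It is outside what this hunk changes, but the description import should decode the text before truncating so the vendor name stays readable and searchable when the entry is triaged.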
@@ -427,9 +427,9 @@ CVE-2026-10197 (A vulnerability was detected in Assimp up
to 6.0.4. Affected is
CVE-2026-10118 (A flaw was found in Poppler's Splash backend. A remote
attacker could ...)
TODO: check
CVE-2026-0826 (In certain scenarios when the admin has enabled Interactive
Connectivi ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2026-0072 (In addInputMethodListener of
com.android.server.inputmethod.InputMetho ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-60495 (A segmentation violation in the gf_media_get_color_info
function (/med ...)
TODO: check
CVE-2025-60486 (A heap use-after-free in the dasher_process function
(/filters/dasher. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76e3fa0a4693416defdd55422027a1567ae85b1c