Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b8d2031 by security tracker role at 2026-06-08T07:12:56+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,93 @@
+CVE-2026-11495 (A vulnerability was detected in CodeAstro Ingredients Stock
Management ...)
+ TODO: check
+CVE-2026-11494 (A security vulnerability has been detected in TOTOLINK AC1200
T8 4.1.5 ...)
+ TODO: check
+CVE-2026-11493 (A weakness has been identified in Tenda AC15 15.03.05.19. The
impacted ...)
+ TODO: check
+CVE-2026-11492 (A security flaw has been discovered in D-Link DIR-823G
1.0.2B05. The a ...)
+ TODO: check
+CVE-2026-11491 (A vulnerability was identified in CodeAstro Human Resource
Management ...)
+ TODO: check
+CVE-2026-11490 (A vulnerability was determined in code-projects Online Music
Site 1.0. ...)
+ TODO: check
+CVE-2026-11489 (A vulnerability was found in code-projects Online Music Site
1.0. This ...)
+ TODO: check
+CVE-2026-11488 (A vulnerability has been found in code-projects Simple Flight
Ticket B ...)
+ TODO: check
+CVE-2026-11487 (A flaw has been found in Neovim up to 0.12.2. Affected by this
issue i ...)
+ TODO: check
+CVE-2026-11486 (A vulnerability was detected in SourceCodester Class and Exam
Timetabl ...)
+ TODO: check
+CVE-2026-11485 (A security vulnerability has been detected in SourceCodester
Class and ...)
+ TODO: check
+CVE-2026-11484 (A weakness has been identified in SourceCodester Class and
Exam Timeta ...)
+ TODO: check
+CVE-2026-11483 (A security flaw has been discovered in SourceCodester Class
and Exam T ...)
+ TODO: check
+CVE-2026-11482 (A vulnerability was identified in SourceCodester Class and
Exam Timeta ...)
+ TODO: check
+CVE-2026-11481 (A vulnerability was determined in yoanbernabeu grepai up to
0.35.0. Th ...)
+ TODO: check
+CVE-2026-11480 (A vulnerability was found in Chengdu Everbrite Network
Technology Beik ...)
+ TODO: check
+CVE-2026-11479 (A vulnerability has been found in yoanbernabeu grepai 0.35.0.
This iss ...)
+ TODO: check
+CVE-2026-11478 (A flaw has been found in kokke tiny-regex-c up to
f2632c6d9ed252729874 ...)
+ TODO: check
+CVE-2026-11477 (A vulnerability was detected in hs-web hsweb-framework up to
5.0.1. Th ...)
+ TODO: check
+CVE-2026-11476 (A security vulnerability has been detected in Kushan2k
student-managem ...)
+ TODO: check
+CVE-2026-11475 (A weakness has been identified in Kushan2k
student-management-system u ...)
+ TODO: check
+CVE-2026-11474 (A security flaw has been discovered in Kushan2k
student-management-sys ...)
+ TODO: check
+CVE-2026-11473 (A vulnerability was identified in jflyfox jfinal_cms up to
5.1.0. This ...)
+ TODO: check
+CVE-2026-11472 (A vulnerability was determined in SourceCodester Class and
Exam Timeta ...)
+ TODO: check
+CVE-2026-11471 (A vulnerability was found in SourceCodester Class and Exam
Timetabling ...)
+ TODO: check
+CVE-2026-11470 (A vulnerability has been found in hs-web hsweb-framework up to
5.0.1. ...)
+ TODO: check
+CVE-2026-11469 (A flaw has been found in jishenghua jshERP up to 3.6. Impacted
is the ...)
+ TODO: check
+CVE-2026-11468 (A vulnerability was detected in SourceCodester Hospitals
Patient Recor ...)
+ TODO: check
+CVE-2026-11467 (A security vulnerability has been detected in jishenghua
jshERP up to ...)
+ TODO: check
+CVE-2026-11466 (A weakness has been identified in zilliztech deep-searcher up
to 0.0.2 ...)
+ TODO: check
+CVE-2026-11465 (A security flaw has been discovered in songquanpeng one-api up
to 0.6. ...)
+ TODO: check
+CVE-2026-11464 (A vulnerability was identified in JeecgBoot up to 3.9.2.
Affected by t ...)
+ TODO: check
+CVE-2026-11463 (A vulnerability was determined in USCiLab Cereal up to 1.3.2.
Affected ...)
+ TODO: check
+CVE-2026-11462 (A vulnerability was found in Chengdu Everbrite Network
Technology Beik ...)
+ TODO: check
+CVE-2026-11461 (A vulnerability has been found in NousResearch hermes-agent up
to 0.12 ...)
+ TODO: check
+CVE-2026-11460 (A flaw has been found in Boost Serialization up to 1.91. The
impacted ...)
+ TODO: check
+CVE-2024-58349 (WordPress Theme Travelscape 1.0.3 contains an arbitrary file
upload vu ...)
+ TODO: check
+CVE-2024-58348 (WordPress Background Image Cropper version 1.2 contains a
remote code ...)
+ TODO: check
+CVE-2023-54352 (WordPress Seotheme contains a remote code execution
vulnerability that ...)
+ TODO: check
+CVE-2023-54351 (WordPress Sonaar Music Plugin 4.7 contains a stored cross-site
scripti ...)
+ TODO: check
+CVE-2023-54350 (WordPress Augmented-Reality plugin contains a remote code
execution vu ...)
+ TODO: check
+CVE-2022-50953 (WordPress Plugin admin-word-count-column 2.2 contains a local
file rea ...)
+ TODO: check
+CVE-2021-47984 (WordPress Plugin WP24 Domain Check 1.6.2 contains a stored
cross-site ...)
+ TODO: check
+CVE-2021-47983 (WordPress Plugin Stripe Payments 2.0.39 contains a stored
cross-site s ...)
+ TODO: check
+CVE-2021-47982 (WordPress Plugin WP-Paginate 2.1.3 contains a stored
cross-site script ...)
+ TODO: check
CVE-2026-49494 (Comodo Internet Security's firewall driver Inspect.sys
contains an int ...)
NOT-FOR-US: Comodo Internet Security
CVE-2026-36229
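Review bot: All 45 entries added at the top of this hunk carry only `TODO: check`, so none of them is triaged yet. The ones naming software a distribution might ship (CVE-2026-11487 Neovim, CVE-2026-11460 Boost Serialization, CVE-2026-11463 USCiLab Cereal) should be resolved first to a package line with a fixed version, in the form the glibc entries later in this diff use. The WordPress plugin and Tenda entries can follow the `NOT-FOR-US: WordPress plugin` and `NOT-FOR-US: Tenda` forms already present in this file.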
@@ -12590,13 +12680,13 @@ CVE-2025-11954 (Cross-Site request forgery (CSRF)
vulnerability in Sitemio Infor
CVE-2023-7346 (Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address
derivat ...)
NOT-FOR-US: Ledger Bitcoin app
CVE-2026-41073 (RT is an open source, enterprise-grade issue and ticket
tracking syste ...)
- {DSA-6324-1}
+ {DSA-6327-1 DSA-6324-1}
- request-tracker5 5.0.10+dfsg-1
- request-tracker4 <removed>
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-5.0.10
NOTE: Fixed by:
https://github.com/bestpractical/rt/commit/dce7ff6799d930d09c10a50539325f1290440d4b
(rt-5.0.10)
CVE-2026-44229
- {DSA-6324-1}
+ {DSA-6327-1 DSA-6324-1}
- request-tracker5 5.0.10+dfsg-1
- request-tracker4 <removed>
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-5.0.10
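Review bot: CVE-2026-41073 and CVE-2026-44229 now reference two advisories, `{DSA-6327-1 DSA-6324-1}`, but the package lines below them are unchanged (`- request-tracker5 5.0.10+dfsg-1`) and no NOTE says why a second DSA was issued. A short NOTE on each entry stating what DSA-6327-1 adds over DSA-6324-1 would let a reader tell which advisory applies without leaving the CVE list.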
@@ -12613,25 +12703,25 @@ CVE-2026-44227
- request-tracker4 <not-affected> (Only affects RT6)
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-6.0.3
CVE-2026-6841 (Request Tracker is vulnerable to a reflected cross-site
scripting (XSS ...)
- {DSA-6324-1}
+ {DSA-6327-1 DSA-6324-1}
- request-tracker5 5.0.10+dfsg-1
- request-tracker4 <removed>
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-5.0.10
NOTE: Fixed by:
https://github.com/bestpractical/rt/commit/d7abb692a5ab7a7738a08be3debb92b1c6ab8215
(rt-5.0.10)
CVE-2026-41076 (RT is an open source, enterprise-grade issue and ticket
tracking syste ...)
- {DSA-6324-1}
+ {DSA-6327-1 DSA-6324-1}
- request-tracker5 5.0.10+dfsg-1
- request-tracker4 <removed>
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-5.0.10
NOTE: Fixed by:
https://github.com/bestpractical/rt/commit/c8120898d92adf1adae6fce11e0816d08afb395f
(rt-5.0.10)
CVE-2026-41075 (RT is an open source, enterprise-grade issue and ticket
tracking syste ...)
- {DSA-6324-1}
+ {DSA-6327-1 DSA-6324-1}
- request-tracker5 5.0.10+dfsg-1
- request-tracker4 <removed>
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-5.0.10
NOTE: Fixed by:
https://github.com/bestpractical/rt/commit/9ed06dadc29a75e17b25017f929edeff62d224bc
(rt-5.0.10)
CVE-2026-44231
- {DSA-6324-1}
+ {DSA-6327-1 DSA-6324-1}
- request-tracker5 5.0.10+dfsg-1
- request-tracker4 <removed>
NOTE: https://github.com/bestpractical/rt/releases/tag/rt-5.0.10
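Review bot: CVE-2026-44231 at the end of this hunk gets the second DSA reference but has no `NOTE: Fixed by:` commit link, while CVE-2026-6841, CVE-2026-41076 and CVE-2026-41075 above it each name their rt-5.0.10 commit. With two advisories now pointing at this entry, add the upstream fix commit so the backport can be verified against it. The same gap applies to CVE-2026-44229 in the previous hunk.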
@@ -43267,6 +43357,7 @@ CVE-2026-4315 (A Cross-Site Request Forgery (CSRF)
vulnerability in the WatchGua
CVE-2026-4266 (An Insecure Deserialization vulnerability in WatchGuard
Fireware OS al ...)
NOT-FOR-US: WatchGuard
CVE-2026-4046 (The iconv() function in the GNU C Library versions 2.43 and
earlier ma ...)
+ {DLA-4621-1}
- glibc 2.42-15 (bug #1132499)
[trixie] - glibc 2.41-12+deb13u3
[bookworm] - glibc 2.36-9+deb12u14
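Review bot: `{DLA-4621-1}` is attached to CVE-2026-4046 here, but the entry lists fixed versions only for unstable, `[trixie]` and `[bookworm]`, so nothing in the hunk shows which glibc version the DLA shipped. The commit header reports one changed file, data/CVE/list, so the DLA's own record is not part of this change; confirm that it exists and names this CVE along with the five other glibc CVEs tagged `{DLA-4621-1}` in the following hunks.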
@@ -75313,6 +75404,7 @@ CVE-2025-12985 (IBM Licensing Operator incorrectly
assigns privileges to securit
CVE-2025-11743 (A denial-of-service security issue in the affected product.
The securi ...)
NOT-FOR-US: Rockwell Automation
CVE-2025-15281 (Calling wordexp with WRDE_REUSE in conjunction with
WRDE_APPEND in the ...)
+ {DLA-4621-1}
- glibc 2.42-11 (bug #1126266)
[trixie] - glibc 2.41-12+deb13u2
[bookworm] - glibc 2.36-9+deb12u14
@@ -76197,6 +76289,7 @@ CVE-2026-0939 (The Rede Ita\xfa for WooCommerce plugin
for WordPress is vulnerab
CVE-2026-0916 (The Related Posts by Taxonomy plugin for WordPress is
vulnerable to St ...)
NOT-FOR-US: WordPress plugin
CVE-2026-0915 (Calling getnetbyaddr or getnetbyaddr_r with a configured
nsswitch.conf ...)
+ {DLA-4621-1}
- glibc 2.42-8 (bug #1125748)
[trixie] - glibc 2.41-12+deb13u2
[bookworm] - glibc 2.36-9+deb12u14
@@ -76815,6 +76908,7 @@ CVE-2026-0959 (IEEE 802.11 protocol dissector crash in
Wireshark 4.6.0 to 4.6.2
NOTE: Fixed by:
https://gitlab.com/wireshark/wireshark/-/commit/4b48ee36f1829d6d3d009bf9871af523ce8e3ace
NOTE: Introduced by:
https://gitlab.com/wireshark/wireshark/-/commit/23bc2d48bb8267eac471091d03b633cbab37c973
(v4.1.0)
CVE-2026-0861 (Passing too large an alignment to the memalign suite of
functions (mem ...)
+ {DLA-4621-1}
- glibc 2.42-8 (bug #1125678)
[trixie] - glibc 2.41-12+deb13u2
[bookworm] - glibc 2.36-9+deb12u14
@@ -140862,6 +140956,7 @@ CVE-2025-8069 (During the AWS Client VPN client
installation on Windows devices,
CVE-2025-8060 (A vulnerability has been found in Tenda AC23 16.03.07.52 and
classifie ...)
NOT-FOR-US: Tenda
CVE-2025-8058 (The regcomp function in the GNU C library version from 2.4 to
2.41 is ...)
+ {DLA-4621-1}
- glibc 2.41-11 (bug #1109803)
[bookworm] - glibc 2.36-9+deb12u13
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=33185
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b8d2031e0c65f1e98f604209111978e982d8192