Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3172dedc by Moritz Muehlenhoff at 2026-06-13T23:22:15+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10,7 +10,7 @@ CVE-2026-XXXX [RUSTSEC-2026-0174]
CVE-2026-9629 (The Canvas plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
NOT-FOR-US: WordPress plugin
CVE-2026-6428 (SQL Injection in reports/catalogue_out.pl in Koha Community
Koha throu ...)
- TODO: check
+ - koha <itp> (bug #702134)
CVE-2026-5513 (The Online Scheduling and Appointment Booking System \u2013
Bookly plu ...)
NOT-FOR-US: WordPress plugin
CVE-2026-3297 (The Page Builder: Pagelayer \u2013 Drag and Drop website
builder plugi ...)
@@ -20,9 +20,9 @@ CVE-2026-2470 (The Page Builder: Pagelayer \u2013 Drag and
Drop website builder
CVE-2026-1291 (The Meow Gallery plugin for WordPress is vulnerable to
unauthorized mo ...)
NOT-FOR-US: WordPress plugin
CVE-2026-12183 (Nefteprodukttekhnika BUK TS-G Gas Station Automation System
2.9.1 thro ...)
- TODO: check
+ NOT-FOR-US: Gas Station Automation System
CVE-2026-11624 (The Model Context Protocol has a security warning advising
servers to ...)
- TODO: check
+ NOT-FOR-US: MCP Toolbox for Databases
CVE-2026-9848 (The WP Ticket plugin for WordPress is vulnerable to SQL
Injection via ...)
NOT-FOR-US: WordPress plugin
CVE-2026-9134 (The FooGallery plugin for WordPress is vulnerable to Stored
Cross-Site ...)
@@ -231,7 +231,7 @@ CVE-2026-12089 (The LWS Optimize \u2013 All-in-One Speed
Booster & Cache Tools p
CVE-2026-12068 (Information disclosure vulnerability in Avira Password Manager
when us ...)
NOT-FOR-US: Avira
CVE-2026-11769 (We have released version 5.24.0 of the Grafana Operator. This
patch in ...)
- TODO: check
+ NOT-FOR-US: Grafana Operator
CVE-2026-11443 (Allegra downloadAttachment Cross-Site Scripting Authentication
Bypass ...)
NOT-FOR-US: Allegra
CVE-2026-11442 (Allegra exportReport Directory Traversal Information
Disclosure Vulner ...)
@@ -579,7 +579,7 @@ CVE-2026-12143 (form-data is a library for creating
readable multipart/form-data
CVE-2026-12066 (A security flaw has been discovered in PbootCMS up to 3.2.12.
This vul ...)
NOT-FOR-US: PbootCMS
CVE-2026-12065 (A vulnerability was identified in Groww Stock, Mutual Fund,
Gold App u ...)
- TODO: check
+ NOT-FOR-US: Groww
CVE-2026-12058 (The connection confirmation pop-up of a specific feature in
the PcSuit ...)
NOT-FOR-US: Vivo
CVE-2026-12043 (Improper handling of HPACK dynamic table size updates in the
AWS Commo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3172dedc2424b77d987780c200f7208b443ce018
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3172dedc2424b77d987780c200f7208b443ce018
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
