Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5aab511a by security tracker role at 2026-06-17T19:13:41+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2026-9697 (Impact: undici's ProxyAgent silently drops the requestTls
option when ...)
TODO: check
CVE-2026-9690 (Unauthenticated Arbitrary File Download in WP Media folder
Addon <= 4. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-9679 (Impact: undici's cookie parser in parseSetCookie
percent-decodes cooki ...)
TODO: check
CVE-2026-9678 (Impact: Undici's cache interceptor incorrectly classifies some
respons ...)
@@ -11,25 +11,25 @@ CVE-2026-9675 (Impact: The undici WebSocket client enforces
maxPayloadSize per-f
CVE-2026-9591 (Cross-site request forgery (CSRF) in NewsItemApiController in
SimplCom ...)
TODO: check
CVE-2026-9570 (The Taskbuilder WordPress plugin before 5.0.8 does not
properly sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8607 (The Points Management System For Gamification, Ranks, Badges,
and Loya ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8494 (The Permalink Manager Lite plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8383 (The LearnPress WordPress plugin before 4.3.7 does not gate the
`edit` ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8089 (The weMail: Email Marketing, Email Automation, Newsletters,
Subscriber ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7850 (The WP Magnific Popup WordPress plugin through 1.0 does not
properly e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7300 (Buffer Copy without Checking Size of Input ('Classic Buffer
Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-6734 (Impact: When using Socks5ProxyAgent, undici reuses a single
connection ...)
TODO: check
CVE-2026-6733 (Impact: Undici's HTTP/1.1 client is vulnerable to response
queue poiso ...)
TODO: check
CVE-2026-5667 (Use of Hard-coded Credentials vulnerability in Mitsubishi
Electric Roo ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2026-55743 (The shell tool command allowlist in the SecurityPolicy of
OpenHuman de ...)
TODO: check
CVE-2026-55738 (A stack-based buffer overflow exists in the raw_to_header()
function i ...)
@@ -41,65 +41,65 @@ CVE-2026-55197 (Hermes WebUI before 0.51.443 contains a
broken access control vu
CVE-2026-55196 (Hermes WebUI before 0.51.409 contains an authentication bypass
vulnera ...)
TODO: check
CVE-2026-54819 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54818 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54817 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54816 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54815 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54814 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54813 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54812 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54811 (Unauthenticated SQL Injection in WP eMember < v10.9.4
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54810 (Missing Authorization vulnerability in Nexi Payments Nexi XPay
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54809 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54808 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54807 (Unauthenticated Privilege Escalation in Registration Form for
WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54806 (Unauthenticated PHP Object Injection in WP Activity Log <=
5.6.3.1 ver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54805 (Subscriber Privilege Escalation in Falang multilanguage <=
1.4.2 versi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54804 (Subscriber Broken Authentication in Melhor Envio <= 2.16.3
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54803 (Subscriber Privilege Escalation in SMS Alert Order
Notifications <= 3. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54802 (Unauthenticated Broken Authentication in SMS Alert Order
Notifications ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54417 (An integer overflow in the mtar_next() function in
src/microtar.c in r ...)
TODO: check
CVE-2026-54415 (Missing Authorization in the server management routes
(routes/admin.ph ...)
TODO: check
CVE-2026-54196 (Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54195 (Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder
<= 3.6.0. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54193 (Contributor Arbitrary File Deletion in Fusion Builder <=
3.15.4 versio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54192 (Unauthenticated Cross Site Scripting (XSS) in Popup box <=
6.2.9 versi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54189 (Unauthenticated Cross Site Scripting (XSS) in JetEngine <=
3.8.10 vers ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54188 (Unauthenticated Cross Site Scripting (XSS) in JetEngine <=
3.8.10 vers ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54187 (Unauthenticated SQL Injection in JetEngine <= 3.8.10.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54186 (Unauthenticated SQL Injection in JobSearch <= 3.2.9 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54185 (Subscriber SQL Injection in Cornerstone < 7.8.8 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-54184 (Unauthenticated Insecure Direct Object References (IDOR) in
Clean Logi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-53875 (picklescan before 1.0.3 contains a scanning bypass
vulnerability in th ...)
TODO: check
CVE-2026-53874 (picklescan before 1.0.1 contains an unsafe deserialization
vulnerabili ...)
@@ -117,51 +117,51 @@ CVE-2026-53869 (Hermes Agent before 0.16.0 contains a DNS
rebinding vulnerabilit
CVE-2026-53805 (NVIDIA Spatial Intelligence Lab's (SIL) GEN3C contains an
unauthentica ...)
TODO: check
CVE-2026-52716 (Unauthenticated Arbitrary File Deletion in WorkScout-Core <=
1.7.11 ve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-52707 (Unauthenticated Local File Inclusion in Kastell <= 2.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-52706 (Unauthenticated PHP Object Injection in JetEngine <= 3.8.10
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-52705 (Unauthenticated Arbitrary File Upload in SigmaForms Pro \u2013
AI Gene ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-52698 (Subscriber Sensitive Data Exposure in PushEngage \u2013 Web
Push Notif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-52696 (Unauthenticated Sensitive Data Exposure in JetBlog <= 2.4.8
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49778 (Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro <=
2.9.4 v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49767 (Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0
version ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49502 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an
Improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-49268 (A remote attacker can inject LDAP special characters into the
Distingu ...)
TODO: check
CVE-2026-49108 (Unauthenticated PHP Object Injection in Moderno < 1.43
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49107 (Unauthenticated PHP Object Injection in Thrive Apprentice <
10.8.10.2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49084 (Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49081 (Unauthenticated Broken Access Control in User Registration
Stripe <= 1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49079 (Unauthenticated SQL Injection in JetSearch <= 3.5.17 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49076 (Unauthenticated SQL Injection in JetEngine <= 3.8.9.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49075 (Contributor PHP Object Injection in JetEngine <= 3.8.9.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49074 (Unauthenticated Cross Site Scripting (XSS) in JetEngine <=
3.8.9.1 ver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49072 (Unauthenticated Broken Access Control in WooCommerce
Anti-Fraud <= 7.2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49071 (Unauthenticated Broken Authentication in WooCommerce
Dropshipping <= 5 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49058 (Unauthenticated Privilege Escalation in LoginPress Pro <=
6.2.2 versio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48967 (Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48875 (Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48818 (Starlette is a lightweight ASGI framework/toolkit. In versions
1.0.1 a ...)
TODO: check
CVE-2026-48591 (Improper Neutralization of Script in Attributes in a Web Page
vulnerab ...)
@@ -171,159 +171,159 @@ CVE-2026-48142 (NGINX Plus and NGINX Open Source have a
vulnerability in the ngx
CVE-2026-48117 (DroneAware is a drone detection platform. The centralized
DroneAware s ...)
TODO: check
CVE-2026-47340 (Allow authenticated users to access alert instances associated
with al ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-47103 (Python StateMachine versions 3.0.0 before 3.2.0 contains a
remote code ...)
TODO: check
CVE-2026-45436 (Subscriber Broken Access Control in WPBakery Page Builder <=
8.7.2 ver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42629 (Unauthenticated Broken Authentication in PowerPack Pro for
Elementor < ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42530 (NGINX Open Source has a vulnerability in the
ngx_http_v3_modulemodule. ...)
TODO: check
CVE-2026-42385 (Unauthenticated Cross Site Scripting (XSS) in Profile Builder
Pro <= 3 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42380 (Unauthenticated PHP Object Injection in AI Lab < 5.4.2
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42357 (Incorrect Authorization vulnerability allows users to access
workflow ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-42055 (NGINX Plus and NGINX Open Source have a vulnerability in the
ngx_http_ ...)
TODO: check
CVE-2026-41557 (Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-41280 (Incorrect Authorization vulnerability allows users with system
login p ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-40783 (Contributor Remote Code Execution (RCE) in Blocksy Companion
Pro <= 2. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40768 (Unauthenticated Insecure Direct Object References (IDOR) in
Salon book ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40765 (Unauthenticated Cross Site Scripting (XSS) in collectchat <=
2.4.9 ver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40757 (Unauthenticated PHP Object Injection in Ch\xe2teau <= 1.2.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40756 (Unauthenticated PHP Object Injection in Zoya <= 1.4 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40753 (Unauthenticated PHP Object Injection in EasyMeals <= 1.5.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40752 (Unauthenticated PHP Object Injection in Manufaktur Solutions
<= 1.1.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40749 (Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40748 (Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40747 (Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40746 (Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40738 (Unauthenticated PHP Object Injection in Eldon <= 1.4.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40735 (Unauthenticated PHP Object Injection in Reina <= 2.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40733 (Unauthenticated PHP Object Injection in ShiftUp <= 1.3
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40731 (Unauthenticated Local File Inclusion in ChapterOne <= 1.7
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40726 (Unauthenticated Broken Access Control in User Registration
Stripe <= 1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40725 (Unauthenticated PHP Object Injection in WooCommerce Product
Filters < ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40724 (CP Client Arbitrary File Download in Client Portal (Pro) <=
5.6.2 vers ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40723 (Subscriber Broken Access Control in Bricks Builder <= 2.1.4
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40722 (Missing Authorization vulnerability in Yoast BV Yoast SEO
Premium allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40721 (Contributor Local File Inclusion in Element Pack Pro <= 9.0.6
versions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40720 (Unauthenticated Cross Site Scripting (XSS) in Royal Elementor
Addons P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40641 (Dell PowerFlex Manager, version(s) 4.6.0.1, contain(s) an Use
of a Bro ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-3894 (Out-of-bounds Read vulnerability in RTI Connext Professional
(Core Lib ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-3490 (picklescan before 1.0.4 fails to block pkgutil.resolve_name,
allowing ...)
TODO: check
CVE-2026-39597 (Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons
for Elemen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39596 (Unauthenticated SQL Injection in Blocksy Companion Pro <
2.1.29 versio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39595 (Author Broken Access Control in W3 Total Cache <= 2.9.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39590 (Unauthenticated Local File Inclusion in Atomlab <= 2.4.5
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39589 (Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39582 (Unauthenticated Local File Inclusion in Hitek < 1.8.3
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39576 (Unauthenticated PHP Object Injection in SingleMalt <= 1.5
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39573 (Unauthenticated PHP Object Injection in Mildhill <= 1.5
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39560 (Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39559 (Unauthenticated Local File Inclusion in Uppercase < 1.2.2
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39558 (Unauthenticated Local File Inclusion in Malm\xf6 <= 2.2
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39556 (Unauthenticated PHP Object Injection in Konsept <= 1.9
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39546 (Subscriber Privilege Escalation in MultiLoca <= 4.2.15
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39545 (Unauthenticated PHP Object Injection in Zermatt <= 1.6.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39537 (Unauthenticated Local File Inclusion in Mikado Core <= 1.6
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39523 (Unauthenticated Local File Inclusion in Solene Core <= 2.3.2
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39445 (Unauthenticated PHP Object Injection in Alukas < 3.0.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39442 (Unauthenticated PHP Object Injection in PressMart <= 1.2.26
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39199 (snes9x 1.63 allows an out-of-bounds write and denial of
service via a ...)
TODO: check
CVE-2026-36418 (JimuReport versions 2.3.4 and below are vulnerable to remote
code exec ...)
TODO: check
CVE-2026-35162 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an
Improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-35069 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an
Improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-35068 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an
Improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-35067 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an
Improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-35066 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an
Improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-35065 (Dell PowerFlex Manager, version(s) [Versions], contain(s) a
Missing Au ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-34888 (Unauthenticated Sensitive Data Exposure in Bricksforge <=
3.1.8.4 vers ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32967 (Incorrect Authorization vulnerability of `/v2` experimental
interface ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-32966 (DataSource API Missing Authorization Check Leads to Arbitrary
Data Sou ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-32804 (Dell PowerFlex Manager, version(s) [Versions], contain(s) an
Improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-32652 (Dell AIOps Collector versions prior to 1.18.3 contain a "Use
of Defaul ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-30803 (Integer Underflow (Wrap or Wraparound) vulnerability in RTI
Connext Mi ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-30802 (Out-of-bounds Read vulnerability in RTI Connext Micro (Core
Libraries) ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-30799 (Missing Authentication for Critical Function vulnerability in
RTI Conn ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-2675 (Missing Authentication for Critical Function vulnerability in
RTI Conn ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-2674 (Out-of-bounds Write, Out-of-bounds Write, Out-of-bounds Write
vulnerab ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-2467 (Heap-based Buffer Overflow vulnerability in RTI Connext
Professional ( ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-28615 (In Telecomm, there is a possible way to initiate an
unauthorized phone ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-28587 (In MmsSmsProvider of MmsSmsProvider.java, there is a possible
way to r ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-28576 (In Contacts Provider, there is a possible way to access the
contacts d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-28575 (In PackageInstaller.Session#transfer of
frameworks/base/services/core/ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-27870 (An attacker with access via network to the Regesta Smart
HD-PLC of the ...)
TODO: check
CVE-2026-27869 (An attacker with access via network to the Regesta Smart
HD-PLC of the ...)
@@ -331,57 +331,57 @@ CVE-2026-27869 (An attacker with access via network to
the Regesta Smart HD-PLC
CVE-2026-27868 (An attacker with access via network to the Regesta Smart
HD-PLC of the ...)
TODO: check
CVE-2026-27410 (Unauthenticated Deserialization of untrusted data in Slimstat
Analytic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27400 (Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27041 (Contributor Arbitrary File Upload in Unlimited Elements for
Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25446 (Subscriber Arbitrary File Upload in WishList Member X <=
3.29.0 versio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25439 (Unauthenticated Broken Authentication in Booknetic <= 4.8.5
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24611 (Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1
versions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24610 (Subscriber Broken Access Control in MetForm Pro <= 3.9.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24575 (Subscriber Broken Access Control in WishList Member X <=
3.29.0 versio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22343 (Unauthenticated Broken Access Control in WordPress Dating
Theme <= 11. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22342 (Unauthenticated Cross Site Request Forgery (CSRF) in WordPress
Dating ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22340 (Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22339 (Unauthenticated Cross Site Scripting (XSS) in WPJobster <=
6.3.5 versi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22338 (Unauthenticated Local File Inclusion in EcoBlue <= 1.15
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22335 (Subscriber SQL Injection in WooCommerce Frontend Manager
\u2013 Ultima ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22334 (Subscriber Arbitrary File Download in Woocommerce Book Price
<= 1.3 ve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22332 (Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22331 (Unauthenticated Local File Inclusion in AutoParts <= 1.5.8
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22330 (Unauthenticated Local File Inclusion in Right Way <= 4.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22329 (Unauthenticated Cross Site Scripting (XSS) in Skillate <=
1.2.10 versi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22328 (Unauthenticated Cross Site Scripting (XSS) in Auto Repair <=
22.6 vers ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22327 (Subscriber Arbitrary File Upload in Restaurt <= 1.0.4
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22326 (Unauthenticated Local File Inclusion in Reprizo <= 1.0.8
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22325 (Unauthenticated Local File Inclusion in Promo <= 1.3.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22283 (Dell PowerFlex Manager, version(s) Version prior to 4.8,
contain(s) an ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-20266 (In Splunk AI Toolkit versions below 5.7.4, a user who holds
the "admin ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20265 (In Splunk AI Toolkit versions below 5.7.4, a low-privileged
user that ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20246 (A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual
Appliance ...)
TODO: check
CVE-2026-20220 (A vulnerability in the web-based management interface of Cisco
Crosswo ...)
@@ -393,7 +393,7 @@ CVE-2026-20181 (A vulnerability in Cisco ISE and ISE-PIC
could allow an authenti
CVE-2026-20178 (A vulnerability in the browser-based version of Cisco Webex
App could ...)
TODO: check
CVE-2026-1288 (A maliciously crafted RFA file, when converted to FormIt via
\u201cCon ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-12528 (A flaw was found in 389 Directory Server in the
__aclp__normalize_aclt ...)
TODO: check
CVE-2026-12515 (A flaw was found in Katello's of Red Hat Satellite. A content
upload f ...)
@@ -403,11 +403,11 @@ CVE-2026-12491 (A flaw was found in vLLM, an open-source
library for large langu
CVE-2026-12199 (A vulnerability in `nltk.app.wordnet_app` up to version 3.9.3
allows u ...)
TODO: check
CVE-2026-12165 (The Contest Gallery \u2013 Upload & Vote Photos, Media, Sell
with PayP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12151 (Impact: The undici WebSocket client enforces maxPayloadSize on
the cum ...)
TODO: check
CVE-2026-12115 (The Counter Box \u2013 Add Countdowns, Timers & Dynamic
Counters to Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11975 (Stored cross-site scripting (XSS) in NewsItemApiControllerIn
SimplComm ...)
TODO: check
CVE-2026-11858 (Quanos SCHEMA ST4 on-premises contains a local privilege
escalation vu ...)
@@ -427,25 +427,25 @@ CVE-2026-10837 (Open redirection vulnerability due to
insufficient validation of
CVE-2026-10836 (Improper handling of HTTP headers that allows a remote
attacker to man ...)
TODO: check
CVE-2026-10641 (Zephyr's Bluetooth Classic Hands-Free Profile (HFP) Hands-Free
role pa ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-10094 (A Path Traversal vulnerability affecting SOLIDWORKS Visualize
from SOL ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2026-0092 (In Package Manager, there is a possible device lock controller
bypass ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0083 (In Nfc::eventCallback() of Nfc.h, there is a possible use after
free d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0082 (In tryStartActivity of NfcDispatcher.java, there is a possible
automat ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0081 (In NFC, there is a possible way to spoof an NFC event due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0071 (In SettingsLib, there is a possible missing permission check
due to a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0068 (In createSessionInternal of PackageInstallerService.java, there
is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0064 (In multiple places, there is a possible persistent denial of
service d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0063 (In setAllowedCarriers of PhoneInterfaceManager.java, there is a
possib ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-71325 (picklescan before 0.0.27 contains a parsing logic error in the
_list_g ...)
TODO: check
CVE-2025-71323 (picklescan before 0.0.33 fails to block the ctypes module,
allowing at ...)
@@ -457,139 +457,139 @@ CVE-2025-71321 (picklescan before 0.0.33 contains an
arbitrary file writing vuln
CVE-2025-71320 (picklescan before 0.0.33 contains an incomplete deny-list that
fails t ...)
TODO: check
CVE-2025-69189 (Missing Authorization vulnerability in EMV JobBank allows
Exploiting I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69179 (Unauthenticated Privilege Escalation in Support Ticket
Management Syst ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69175 (Unauthenticated Local File Inclusion in Line Agency <= 1.3.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69174 (Unauthenticated Local File Inclusion in Etude <= 1.6 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69173 (Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69172 (Unauthenticated Local File Inclusion in Resurs <= 1.3
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69171 (Unauthenticated Local File Inclusion in Orpheus <= 1.3
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69170 (Unauthenticated Local File Inclusion in Eventicity <= 1.5
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69166 (Unauthenticated Local File Inclusion in Gunslinger <= 1.7
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69164 (Unauthenticated Local File Inclusion in Skyward <= 1.10
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69161 (Unauthenticated Local File Inclusion in Snowy <= 1.13
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69158 (Unauthenticated Local File Inclusion in Granola <= 1.13
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69157 (Unauthenticated Local File Inclusion in Gamic <= 1.15
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69148 (Unauthenticated Local File Inclusion in Quirky <= 1.23
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69145 (Unauthenticated Local File Inclusion in Gat <= 1.16 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69144 (Unauthenticated Local File Inclusion in Preservation <= 1.10
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69140 (Unauthenticated Cross Site Scripting (XSS) in SweetDate Core <
1.1.5 v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69138 (Subscriber Privilege Escalation in Genemy <= 1.6.6 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69135 (Subscriber SQL Injection in Events Schedule - WordPress Events
Calenda ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69130 (Subscriber PHP Object Injection in Entrepreneur - Booking for
Small Bu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69129 (Unauthenticated Arbitrary File Upload in WordPress &
WooCommerce Scrap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69128 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69127 (Unauthenticated PHP Object Injection in Plumbing <= 1.6
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69126 (Unauthenticated Local File Inclusion in Fortius <= 2.3.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69123 (Unauthenticated Local File Inclusion in Snow Club <= 1.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69120 (Unauthenticated Local File Inclusion in Dazzle <= 1.0.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69117 (Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69115 (Unauthenticated Local File Inclusion in LuxMed | Medicine &
Healthcare ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69111 (Unauthenticated PHP Object Injection in Reisen <= 1.4.1
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69110 (Unauthenticated Local File Inclusion in AirSupply <= 2.0.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69106 (Unauthenticated Local File Inclusion in Imba <= 1.5.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68524 (Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66391 (In Citrix Cloud through 2025-11-10, an account with read-only
access c ...)
TODO: check
CVE-2025-62340 (HCL iControl was affected by Inadequate Session Timeout
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-60236 (Deserialization of Untrusted Data vulnerability in EMV
Creatify allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60231 (Deserialization of Untrusted Data vulnerability in EMV The
Hospital nr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60230 (Deserialization of Untrusted Data vulnerability in Themeton
The Barber ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60229 (Deserialization of Untrusted Data vulnerability in Themeton
Lagom allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60223 (Subscriber Arbitrary File Deletion in WPBot Pro Wordpress
Chatbot <= 1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60218 (Subscriber Arbitrary File Upload in PT Luxa Addons <= 1.2.2
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60205 (Unauthenticated PHP Object Injection in ThemeREX Addons <=
2.36.1.1 ve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-59872 (HCL ZIE for Web is affetced by an Unrestricted File Upload
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-59563 (Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-59560 (Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4
version ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-59554 (Unauthenticated SQL Injection in Advanced Ads \u2013 Tracking
< 3.0.7 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58954 (Unauthenticated Local File Inclusion in HomeRoofer <= 2.11.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58953 (Unauthenticated Local File Inclusion in Joly <= 1.22.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58952 (Unauthenticated Local File Inclusion in Neuronet < 1.14.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49403 (Unauthenticated Arbitrary File Download in Premium Age
Verification / ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32748 (Dell PowerFlex rack, version(s) RCM 3.7/3.7, contain(s) a Host
Header ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-31013 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26240 (In JazzCore python-pdfkit 1.0.0, the from_string method
enables the ex ...)
TODO: check
CVE-2025-15657 (Unauthenticated Insecure Direct Object References (IDOR) in
School Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-52488 (Subscriber Arbitrary File Upload in Grip <= 1.0.9 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-49269 (Unauthenticated Cross Site Scripting (XSS) in my flatonica <=
0.0.8 ve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-47477 (Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an
improper ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2024-37496 (Missing Authorization vulnerability in Rara Themes Metro
Magazine allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-37210 (Missing Authorization vulnerability in ali2woo AliNext allows
Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-35690 (Insertion of sensitive information into sent data
vulnerability in Mar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-35648 (Cross-Site request forgery (CSRF) vulnerability in Andy Moyle
Emergenc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-34810 (Cross-Site request forgery (CSRF) vulnerability in Extend
Themes Skyli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-33909 (Missing Authorization vulnerability in Avirtum iPages Flipbook
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-33685 (Missing Authorization vulnerability in Jegstudio Startupzy
startupzy a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-32949 (Missing Authorization vulnerability in Prince Integrate Google
Drive a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-32729 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-31435 (: Missing Authorization vulnerability in Inisev Social Media &
Share I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-24709 (Missing Authorization vulnerability in Shareaholic allows
Exploiting I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-47178
- libheif <unfixed> (bug #1140223)
NOTE: https://project-zero.issues.chromium.org/issues/507396184
@@ -1179,7 +1179,7 @@ CVE-2026-35265 (Vulnerability in the Identity Manager
product of Oracle Fusion M
CVE-2026-35263 (Vulnerability in the WebLogic Server product of Oracle Fusion
Middlewa ...)
NOT-FOR-US: Oracle
CVE-2026-35262 (Vulnerability in the Oracle Data Integrator product of Oracle
Fusion M ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35261 (Vulnerability in the Oracle Access Manager product of Oracle
Fusion Mi ...)
NOT-FOR-US: Oracle
CVE-2026-35259 (Vulnerability in the WebLogic Server product of Oracle Fusion
Middlewa ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5aab511a67ba07b3e5d230ebd63bcf12dc16c66c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5aab511a67ba07b3e5d230ebd63bcf12dc16c66c
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
