Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9e9b6fdd by Salvatore Bonaccorso at 2026-06-18T21:36:06+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,13 +3,13 @@ CVE-2026-9815 (The MagicForm WordPress plugin through 0.1.3 
does not properly va
 CVE-2026-9158 (In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially 
crafted DE ...)
        TODO: check
 CVE-2026-8811 (SEPPmail versions before 15.0.5 allow improper handling of 
attachment  ...)
-       TODO: check
+       NOT-FOR-US: SEPPmail
 CVE-2026-8461 (An out-of-bounds write vulnerability in FFmpeg's libavcodec 
library, s ...)
        TODO: check
 CVE-2026-8039 (The Fancy Testimonials plugin for WordPress is vulnerable to 
Stored Cr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-8024 (A remote, unauthenticated attacker may exploit a 
deserialization of un ...)
-       TODO: check
+       NOT-FOR-US: iba AG
 CVE-2026-56024 (Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal 
WP EasyP ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-56022 (Webmin accepts basic authentication without session cookies 
when an at ...)
@@ -25,41 +25,41 @@ CVE-2026-56009 (Improper Neutralization of Input During Web 
Page Generation ('Cr
 CVE-2026-56007 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-55746 (Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable 
to stored ...)
-       TODO: check
+       NOT-FOR-US: Cotonti
 CVE-2026-55745 (Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable 
to Cross- ...)
-       TODO: check
+       NOT-FOR-US: Cotonti
 CVE-2026-55744 (Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable 
to Cross- ...)
-       TODO: check
+       NOT-FOR-US: Cotonti
 CVE-2026-55742 (Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable 
to Cross- ...)
-       TODO: check
+       NOT-FOR-US: Cotonti
 CVE-2026-55741 (Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable 
to Cross- ...)
-       TODO: check
+       NOT-FOR-US: Cotonti
 CVE-2026-55392 (NILFS utilities through 2.3.0, fixed in commit 26efb5d, 
nilfs_sb_is_va ...)
        TODO: check
 CVE-2026-55237 (AutoGPT is a workflow automation platform for creating, 
deploying, and ...)
-       TODO: check
+       NOT-FOR-US: AutoGPT
 CVE-2026-55205 (Hermes WebUI before 0.51.468 contains a resource exhaustion 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Hermes WebUI
 CVE-2026-55204 (HAProxy through  3.4.0, fixed in commit 9a6d1fe, contains a 
null point ...)
        TODO: check
 CVE-2026-55203 (HAProxy through 3.4.0, fixed in commit 5985276, contains an 
integer ov ...)
        TODO: check
 CVE-2026-54419 (claudiopizzillo PIAF-HMS (PBX-In-A-Flash Hotel Management 
System; no r ...)
-       TODO: check
+       NOT-FOR-US: PBX-In-A-Flash Hotel Management System
 CVE-2026-54390 (JTL Shop versions 5.2.0 through 5.7.1 contains a server-side 
template  ...)
-       TODO: check
+       NOT-FOR-US: JTL Shop
 CVE-2026-54224 (UBB.threads is vulnerable to Denial of Service (DoS). By 
sending multi ...)
-       TODO: check
+       NOT-FOR-US: UBB.threads
 CVE-2026-54223 (UBB.threads is vulnerable to Path traversal, allowing 
attackers with p ...)
-       TODO: check
+       NOT-FOR-US: UBB.threads
 CVE-2026-54222 (UBB.threads is vulnerable to Blind SQL Injection,allowing 
attackers wi ...)
-       TODO: check
+       NOT-FOR-US: UBB.threads
 CVE-2026-54221 (UBB.threads is vulnerable toReflected XSS. The application 
improperly  ...)
-       TODO: check
+       NOT-FOR-US: UBB.threads
 CVE-2026-54220 (uBB.threads is vulnerable to aCross-Site Request Forgery 
(CSRF) due to ...)
-       TODO: check
+       NOT-FOR-US: UBB.threads
 CVE-2026-54219 (UBB.threads is vulnerable to Stored XSS via user posts and 
user profil ...)
-       TODO: check
+       NOT-FOR-US: UBB.threads
 CVE-2026-54106 (The U.S. Government Accountability Office (GAO) Electronic 
Protest Doc ...)
        TODO: check
 CVE-2026-54105 (The U.S. Government Accountability Office (GAO) Electronic 
Protest Doc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e9b6fddaed089bb3e84b3adc7d3f4007118845e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e9b6fddaed089bb3e84b3adc7d3f4007118845e
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to