Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cbef361d by security tracker role at 2026-07-02T19:13:49+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,8 +1,360 @@
-CVE-2026-53358 [Bluetooth: L2CAP: use chan timer to close channels in
cleanup_listen()]
+CVE-2026-9834 (The WP Database Backup \u2013 Unlimited Database & Files Backup
by Bac ...)
+ TODO: check
+CVE-2026-9563 (In Eclipse Parsson published Maven Central artifacts before
version 1. ...)
+ TODO: check
+CVE-2026-9272 (In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a
vulnera ...)
+ TODO: check
+CVE-2026-9188 (The Appointment Bookings for Zoom GoogleMeet and more \u2013
Wappointm ...)
+ TODO: check
+CVE-2026-9145 (The Database for Contact Form 7, WPforms, Elementor forms
plugin for W ...)
+ TODO: check
+CVE-2026-8699 (A stored Cross-Site Scripting (XSS) vulnerability has been
identified ...)
+ TODO: check
+CVE-2026-8482 (A vulnerability was discovered on StormShield Network Security
4.3.0 t ...)
+ TODO: check
+CVE-2026-8441 (The WP Review Slider Pro plugin for WordPress is vulnerable to
SQL Inj ...)
+ TODO: check
+CVE-2026-8147 (In MLflow versions prior to 3.14.0, when running with
authentication e ...)
+ TODO: check
+CVE-2026-8079 (In Progress Flowmon versions prior to 12.5.9 and 13.0.11, a
vulnerabil ...)
+ TODO: check
+CVE-2026-7311 (The TinyPNG \u2013 JPEG, PNG & WebP image compression plugin
for WordP ...)
+ TODO: check
+CVE-2026-5524 (The Divi Form Builder plugin for WordPress is vulnerable to
Arbitrary ...)
+ TODO: check
+CVE-2026-58653 (PraisonAI before 0.1.7 fails to validate that project_id in
issue crea ...)
+ TODO: check
+CVE-2026-58652 (luci-app-travelmate (and the travelmate package) contain a
privilege-e ...)
+ TODO: check
+CVE-2026-58465 (Eclipse Wakaama before snapshot/2026-05-26 contains an
unbounded memor ...)
+ TODO: check
+CVE-2026-58455 (Dockwatch through 0.6.567 contains an unauthenticated OS
command injec ...)
+ TODO: check
+CVE-2026-57766 (Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE
\u2013 File ...)
+ TODO: check
+CVE-2026-57765 (Contributor SQL Injection in WP EasyCart <= 5.9.0 versions.)
+ TODO: check
+CVE-2026-57764 (Contributor Cross Site Scripting (XSS) in Surbma | Yoast SEO
Breadcrum ...)
+ TODO: check
+CVE-2026-57763 (Contributor Cross Site Scripting (XSS) in Structured Content
<= 1.7.0 ...)
+ TODO: check
+CVE-2026-57762 (Author Cross Site Scripting (XSS) in Simple URLs <= 151
versions.)
+ TODO: check
+CVE-2026-57761 (Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <=
3.12.2 v ...)
+ TODO: check
+CVE-2026-57760 (Missing Authorization vulnerability in Sendcloud Sendcloud
Shipping al ...)
+ TODO: check
+CVE-2026-57759 (Unauthenticated Cross Site Request Forgery (CSRF) in
ProfileGrid <= 5 ...)
+ TODO: check
+CVE-2026-57758 (Unauthenticated Cross Site Request Forgery (CSRF) in Permalink
Manager ...)
+ TODO: check
+CVE-2026-57757 (Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP
Backup ...)
+ TODO: check
+CVE-2026-57756 (Contributor SQL Injection in nicen-localize-image <= 1.4.9
versions.)
+ TODO: check
+CVE-2026-57755 (Contributor Cross Site Scripting (XSS) in Mosaic Gallery
– Advan ...)
+ TODO: check
+CVE-2026-57754 (Contributor Cross Site Scripting (XSS) in Livemesh Addons for
WPBakery ...)
+ TODO: check
+CVE-2026-57753 (Unauthenticated Sensitive Data Exposure in Kit (formerly
ConvertKit) f ...)
+ TODO: check
+CVE-2026-57752 (Contributor SQL Injection in iNET Webkit 1.2.4 versions.)
+ TODO: check
+CVE-2026-57751 (Unauthenticated Cross Site Request Forgery (CSRF) in Heateor
Social Lo ...)
+ TODO: check
+CVE-2026-57750 (Unauthenticated Broken Access Control in ez Form Calculator
Premium <= ...)
+ TODO: check
+CVE-2026-57749 (Contributor Local File Inclusion in SportsPress Pro <= 2.7.29
versions ...)
+ TODO: check
+CVE-2026-57748 (Contributor Local File Inclusion in Shopify <= 1.0.0 versions.)
+ TODO: check
+CVE-2026-57747 (Unauthenticated Cross Site Request Forgery (CSRF) in Booked <=
3.0.0 v ...)
+ TODO: check
+CVE-2026-57746 (Subscriber Broken Access Control in Booked <= 3.0.0 versions.)
+ TODO: check
+CVE-2026-57731 (Contributor Broken Access Control in Flatsome <= 3.20.5
versions.)
+ TODO: check
+CVE-2026-57730 (Subscriber Broken Access Control in Flatsome <= 3.20.5
versions.)
+ TODO: check
+CVE-2026-57690 (Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt
<= 4.7. ...)
+ TODO: check
+CVE-2026-57689 (Subscriber Broken Access Control in Werkstatt <= 4.7.2
versions.)
+ TODO: check
+CVE-2026-57688 (Unauthenticated Broken Access Control in POS Entegrat\xf6r <=
3.7.103 ...)
+ TODO: check
+CVE-2026-57687 (Contributor SQL Injection in Custom Field Template <= 2.7.8
versions.)
+ TODO: check
+CVE-2026-57686 (Unauthenticated Cross Site Scripting (XSS) in WowAddons <=
1.6.14 vers ...)
+ TODO: check
+CVE-2026-57685 (Subscriber Broken Access Control in Martfury - WooCommerce
Marketplace ...)
+ TODO: check
+CVE-2026-57684 (Contributor Cross Site Scripting (XSS) in TheFox <= 3.9.70
versions.)
+ TODO: check
+CVE-2026-57683 (Unauthenticated SQL Injection in WP Fast Total Search <=
1.80.280 vers ...)
+ TODO: check
+CVE-2026-57682 (Unauthenticated Cross Site Scripting (XSS) in Simple Link
Directory <= ...)
+ TODO: check
+CVE-2026-57681 (Subscriber Server Side Request Forgery (SSRF) in GeoDirectory
<= 2.8.1 ...)
+ TODO: check
+CVE-2026-57680 (Unauthenticated Insecure Direct Object References (IDOR) in
Kirki <= 6 ...)
+ TODO: check
+CVE-2026-57679 (Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions.)
+ TODO: check
+CVE-2026-57678 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
+ TODO: check
+CVE-2026-57677 (Unauthenticated PHP Object Injection in Novalnet Payment
Gateway for W ...)
+ TODO: check
+CVE-2026-57675 (Unauthenticated Cross Site Scripting (XSS) in WP Photo Album
Plus <= 9 ...)
+ TODO: check
+CVE-2026-57674 (Unauthenticated Cross Site Scripting (XSS) in Timetics <=
1.0.58 versi ...)
+ TODO: check
+CVE-2026-57673 (Unauthenticated Cross Site Scripting (XSS) in Optimole <=
4.2.7 versio ...)
+ TODO: check
+CVE-2026-57672 (Unauthenticated Cross Site Scripting (XSS) in wpDataTables <=
6.5.1.1 ...)
+ TODO: check
+CVE-2026-57671 (Unauthenticated Cross Site Scripting (XSS) in perfmatters <=
2.6.4 ver ...)
+ TODO: check
+CVE-2026-57670 (Unauthenticated Cross Site Scripting (XSS) in Google Maps CP
<= 1.2.5 ...)
+ TODO: check
+CVE-2026-57669 (Subscriber Broken Access Control in Advanced Contact form 7 DB
<= 2.0. ...)
+ TODO: check
+CVE-2026-57625 (Unauthenticated Cross Site Scripting (XSS) in Admin and Site
Enhanceme ...)
+ TODO: check
+CVE-2026-57624 (Unauthenticated Remote Code Execution (RCE) in Blocksy
Companion Pro < ...)
+ TODO: check
+CVE-2026-57623 (Unauthenticated Arbitrary Code Execution in W3 Total Cache <=
2.9.4 ve ...)
+ TODO: check
+CVE-2026-57621 (Unauthenticated PHP Object Injection in Booktics <= 1.0.21
versions.)
+ TODO: check
+CVE-2026-57426 (Unauthenticated Cross Site Scripting (XSS) in Modula - PRO <=
2.10.8 v ...)
+ TODO: check
+CVE-2026-57366 (Unauthenticated Cross Site Scripting (XSS) in WPAdverts <=
2.3.1 versi ...)
+ TODO: check
+CVE-2026-57362 (Unauthenticated Cross Site Scripting (XSS) in ChatBot <= 8.3.2
version ...)
+ TODO: check
+CVE-2026-57361 (Unauthenticated Cross Site Scripting (XSS) in Survey Maker <=
5.2.2.5 ...)
+ TODO: check
+CVE-2026-57360 (Unauthenticated Cross Site Scripting (XSS) in eCommerce
Product Catalo ...)
+ TODO: check
+CVE-2026-57359 (Unauthenticated Cross Site Scripting (XSS) in ReviewX <=
2.3.10 versio ...)
+ TODO: check
+CVE-2026-57358 (Unauthenticated Cross Site Scripting (XSS) in Customize My
Account for ...)
+ TODO: check
+CVE-2026-57357 (Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO
<= 2.6. ...)
+ TODO: check
+CVE-2026-57356 (Unauthenticated Cross Site Scripting (XSS) in MC Woocommerce
Wishlist ...)
+ TODO: check
+CVE-2026-57355 (Subscriber Broken Access Control in Classified Listing <=
5.4.2 versio ...)
+ TODO: check
+CVE-2026-57354 (Subscriber Cross Site Scripting (XSS) in JetReviews <= 3.0.0.1
version ...)
+ TODO: check
+CVE-2026-57353 (Subscriber Broken Access Control in Link Whisper Premium <=
2.9.0 vers ...)
+ TODO: check
+CVE-2026-57352 (Unauthenticated Broken Authentication in ALD \u2013
Dropshipping and F ...)
+ TODO: check
+CVE-2026-57351 (Unauthenticated Cross Site Scripting (XSS) in HandL UTM
Grabber <= 2.9 ...)
+ TODO: check
+CVE-2026-57350 (Unauthenticated Cross Site Scripting (XSS) in WP Debugging <=
2.12.2 v ...)
+ TODO: check
+CVE-2026-57349 (Unauthenticated Cross Site Scripting (XSS) in WPeMatico RSS
Feed Fetch ...)
+ TODO: check
+CVE-2026-57348 (Unauthenticated Server Side Request Forgery (SSRF) in Paid
Member Subs ...)
+ TODO: check
+CVE-2026-57347 (Subscriber Sensitive Data Exposure in Hotel Booking Lite <=
6.0.3 vers ...)
+ TODO: check
+CVE-2026-57345 (Unauthenticated Cross Site Scripting (XSS) in Internal Links
Manager < ...)
+ TODO: check
+CVE-2026-57344 (Unauthenticated Cross Site Scripting (XSS) in Classified
Listing <= 5. ...)
+ TODO: check
+CVE-2026-57343 (Unauthenticated Cross Site Scripting (XSS) in Real Estate 7 <=
3.5.9 v ...)
+ TODO: check
+CVE-2026-57342 (Subscriber Cross Site Scripting (XSS) in ShortPixel Adaptive
Images <= ...)
+ TODO: check
+CVE-2026-56842 (A malicious actor with access to the network and under certain
conditi ...)
+ TODO: check
+CVE-2026-56841 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-56037 (Deserialization of Untrusted Data vulnerability in Themify
Themify Pop ...)
+ TODO: check
+CVE-2026-56004 (A shellcode injection in the mercurial handler of the obs
tar_scm sour ...)
+ TODO: check
+CVE-2026-55952 (The Erlang/OTP ssl application does not validate that the PSK
identity ...)
+ TODO: check
+CVE-2026-55950 (Time-of-check Time-of-use (TOCTOU) race condition
vulnerability in Erl ...)
+ TODO: check
+CVE-2026-55119 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-55118 (A malicious actor with access to the network,low privileges
and under ...)
+ TODO: check
+CVE-2026-55117 (A malicious actor with access to the network could exploit a
Path Trav ...)
+ TODO: check
+CVE-2026-55116 (A malicious actor with access to the network and under certain
network ...)
+ TODO: check
+CVE-2026-55115 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-55114 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-55113 (A malicious actor with access to the network could exploit a
Server-Si ...)
+ TODO: check
+CVE-2026-55112 (A malicious actor with access to the network and low
privileges and un ...)
+ TODO: check
+CVE-2026-55111 (A malicious actor with access to the network could exploit a
Path Trav ...)
+ TODO: check
+CVE-2026-55110 (A malicious actor who lures an authenticated user to a
malicious page ...)
+ TODO: check
+CVE-2026-54891 (Improper Enforcement of Message Integrity During Transmission
in a Com ...)
+ TODO: check
+CVE-2026-54887 (Use of Default Cryptographic Key vulnerability in Erlang/OTP
ssl (DTLS ...)
+ TODO: check
+CVE-2026-54886 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
+ TODO: check
+CVE-2026-54431 (In liboauth2 the Demonstrating Proof-of-Possession (DPoP)
verifier acc ...)
+ TODO: check
+CVE-2026-54430 (liboauth2 is vulnerable to Server-Side Request Forgery
inoauth2_jose_j ...)
+ TODO: check
+CVE-2026-54409 (A malicious actor with access to the network and under certain
conditi ...)
+ TODO: check
+CVE-2026-54408 (A malicious actor with access to the network could exploit an
Improper ...)
+ TODO: check
+CVE-2026-54407 (A malicious actor with access to the network could exploit an
Improper ...)
+ TODO: check
+CVE-2026-54406 (A malicious actor with access to the network and high
privileges could ...)
+ TODO: check
+CVE-2026-54405 (A malicious actor with access to the network could exploit an
Improper ...)
+ TODO: check
+CVE-2026-54404 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-54403 (A malicious actor with access to the network could exploit a
Path Trav ...)
+ TODO: check
+CVE-2026-54402 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-54401 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-54400 (A malicious actor with access to the network and high
privileges could ...)
+ TODO: check
+CVE-2026-53422 (Observable Response Discrepancy vulnerability in Erlang OTP
ssh (ssh_s ...)
+ TODO: check
+CVE-2026-50748 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-50747 (A malicious actor with access to the network and low
privileges could ...)
+ TODO: check
+CVE-2026-50746 (A malicious actor with access to the network could exploit an
Improper ...)
+ TODO: check
+CVE-2026-50282 (Craft CMS is a content management system (CMS). Versions
5.0.0-RC1 and ...)
+ TODO: check
+CVE-2026-50281 (Craft CMS is a content management system (CMS). Versions 5.7.0
and abo ...)
+ TODO: check
+CVE-2026-4772 (Improper neutralization of input during web page generation
('cross-si ...)
+ TODO: check
+CVE-2026-4770 (Improper neutralization of input during web page generation
('cross-si ...)
+ TODO: check
+CVE-2026-4767 (Missing authentication for critical function vulnerability in
TR7 Cybe ...)
+ TODO: check
+CVE-2026-49779 (Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3
version ...)
+ TODO: check
+CVE-2026-44941 (A relative path traversal in the "keyhint" option in
repomd.xml parsin ...)
+ TODO: check
+CVE-2026-44935 (Missing validation of "valuesFrom" references in Helm Deployer
of SUSE ...)
+ TODO: check
+CVE-2026-42382 (Unauthenticated Local File Inclusion in Audrey <= 1.5
versions.)
+ TODO: check
+CVE-2026-39448 (Unauthenticated Broken Access Control in NOWPayments for
WooCommerce < ...)
+ TODO: check
+CVE-2026-33592 (An unauthenticated remote attacker can exhaust server memory
via the F ...)
+ TODO: check
+CVE-2026-27436 (Editor Arbitrary Code Execution in Five Star Business Profile
and Sche ...)
+ TODO: check
+CVE-2026-27433 (Unauthenticated Broken Access Control in Motors <= 5.6.80
versions.)
+ TODO: check
+CVE-2026-27430 (Unauthenticated Cross Site Scripting (XSS) in TheFox <= 3.9.76
version ...)
+ TODO: check
+CVE-2026-27426 (Unauthenticated Cross Site Scripting (XSS) in Automotive Car
Dealershi ...)
+ TODO: check
+CVE-2026-27425 (Unauthenticated Cross Site Scripting (XSS) in Automotive
Listings <= 1 ...)
+ TODO: check
+CVE-2026-27419 (Subscriber Arbitrary File Upload in Zegen <= 1.1.9 versions.)
+ TODO: check
+CVE-2026-27414 (Contributor PHP Object Injection in Werkstatt <= 4.8.3
versions.)
+ TODO: check
+CVE-2026-27412 (Unauthenticated Local File Inclusion in Pearl - Corporate
Business <= ...)
+ TODO: check
+CVE-2026-27408 (Unauthenticated Cross Site Scripting (XSS) in NativeChurch <=
4.8.8.2 ...)
+ TODO: check
+CVE-2026-27404 (Unauthenticated Cross Site Scripting (XSS) in LMS <= 9.7
versions.)
+ TODO: check
+CVE-2026-27402 (Unauthenticated Cross Site Scripting (XSS) in Kids Life |
Children Sch ...)
+ TODO: check
+CVE-2026-27060 (Contributor PHP Object Injection in ARMember Premium <= 7.0
versions.)
+ TODO: check
+CVE-2026-14449 (u5CMSthroughv12.8.8 is vulnerable to reflected XSS via the
\u2018thank ...)
+ TODO: check
+CVE-2026-14336 (PIA's OIDC issuer allowlist for Jenkins tokens uses a bare
string-pref ...)
+ TODO: check
+CVE-2026-14029 (The Groundhogg \u2014 CRM, Newsletters, and Marketing
Automation plugi ...)
+ TODO: check
+CVE-2026-13743 (CubeSpace CW0057 Reaction Wheel firmware versions prior to
5.0.20 are ...)
+ TODO: check
+CVE-2026-13459 (The JetFormBuilder \u2014 Dynamic Blocks Form Builder plugin
for WordP ...)
+ TODO: check
+CVE-2026-13369 (The Ninja Forms - File Uploads plugin for WordPress is
vulnerable to A ...)
+ TODO: check
+CVE-2026-13252 (The RSS Aggregator by Feedzy \u2013 Feed to Post,
Autoblogging, News & ...)
+ TODO: check
+CVE-2026-13251 (The Perfmatters plugin for WordPress is vulnerable to
Directory Traver ...)
+ TODO: check
+CVE-2026-12657 (The LatePoint \u2013 Calendar Booking Plugin for Appointments
and Even ...)
+ TODO: check
+CVE-2026-12472 (The Kirki \u2013 Freeform Page Builder, Website Builder &
Customizer p ...)
+ TODO: check
+CVE-2026-12168 (An improper validation vulnerability for driver
`GFAC_Sys_x64.sys` in ...)
+ TODO: check
+CVE-2026-12167 (The Minifilter communication port for driver
`GFAC_Sys_x64.sys` in Lit ...)
+ TODO: check
+CVE-2026-12166 (A NULL pointer dereference vulnerability for driver
`GFAC_Sys_x64.sys` ...)
+ TODO: check
+CVE-2026-12134 (The JoomSport \u2013 for Sports: Team & League, Football,
Hockey & mor ...)
+ TODO: check
+CVE-2026-12122 (The Kirki \u2013 Freeform Page Builder, Website Builder &
Customizer p ...)
+ TODO: check
+CVE-2026-11946 (An unauthenticated remote attacker can exhaust server memory
via the G ...)
+ TODO: check
+CVE-2026-11896 (The My Calendar \u2013 Accessible Event Manager plugin for
WordPress i ...)
+ TODO: check
+CVE-2026-10104 (The Product Video Gallery for Woocommerce plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2025-69156 (Unauthenticated Cross Site Scripting (XSS) in Kids Zone -
Children Wor ...)
+ TODO: check
+CVE-2025-69155 (Unauthenticated Cross Site Scripting (XSS) in Fitness Zone
WordPress T ...)
+ TODO: check
+CVE-2025-69154 (Unauthenticated Cross Site Scripting (XSS) in SpaLab | Beauty
Salon Wo ...)
+ TODO: check
+CVE-2025-69153 (Unauthenticated Cross Site Scripting (XSS) in Trendy Travel <=
6.7 ver ...)
+ TODO: check
+CVE-2025-69152 (Unauthenticated Cross Site Scripting (XSS) in Artale | Wedding
Photogr ...)
+ TODO: check
+CVE-2025-69134 (Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot
for WordP ...)
+ TODO: check
+CVE-2025-69133 (Subscriber Local File Inclusion in Tourmaster <= 5.4.5
versions.)
+ TODO: check
+CVE-2025-69132 (Subscriber Sensitive Data Exposure in Corpkit <= 1.0.5
versions.)
+ TODO: check
+CVE-2025-69094 (Subscriber SQL Injection in Unicamp <= 2.2.2 versions.)
+ TODO: check
+CVE-2025-66076 (Unauthenticated Broken Access Control in Woostify Sites
Library <= 1.6 ...)
+ TODO: check
+CVE-2025-58902 (Unauthenticated Local File Inclusion in Lighthouse <= 1.2.12
versions.)
+ TODO: check
+CVE-2024-58352 (Landray OA contains an unauthenticated HQL injection
vulnerability tha ...)
+ TODO: check
+CVE-2024-14037 (Redsea Cloud eHR contains an arbitrary file upload
vulnerability that ...)
+ TODO: check
+CVE-2022-50973 (Yonyou KSOA 9.0 contains an unauthenticated arbitrary file
upload vuln ...)
+ TODO: check
+CVE-2026-53358 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 7.0.12-1
[trixie] - linux 6.12.94-1
NOTE:
https://git.kernel.org/linus/8c8e620467a7b51562dbcefbd1f09f288d7d710d (7.1-rc6)
-CVE-2026-53357 [Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs
l2cap_conn_del()]
+CVE-2026-53357 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 7.0.12-1
[trixie] - linux 6.12.94-1
NOTE:
https://git.kernel.org/linus/ab1513597c6cf17cd1ad2a21e3b045421b48e022 (7.1-rc5)
@@ -176847,7 +177199,7 @@ CVE-2025-27463
CVE-2025-27462
NOT-FOR-US: Windows XenCons WinPVDriver
NOTE: https://xenbits.xen.org/xsa/advisory-468.html
-CVE-2025-5276 (All versions of the package mcp-markdownify-server are
vulnerable to S ...)
+CVE-2025-5276 (Versions of the package mcp-markdownify-server before 1.0.0 are
vulner ...)
NOT-FOR-US: mcp-markdownify-server
CVE-2025-5273 (All versions of the package mcp-markdownify-server are
vulnerable to F ...)
NOT-FOR-US: mcp-markdownify-server
@@ -508026,7 +508378,7 @@ CVE-2021-34434 (In Eclipse Mosquitto versions 2.0 to
2.0.11, when using the dyna
NOTE: Fixed by:
https://github.com/eclipse/mosquitto/commit/32af599c81e63fa38e834b8f1c1f108c49328e95
(v2.0.12)
CVE-2021-34433 (In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to
3.0.0-M3 ...)
NOT-FOR-US: Eclipse Californium
-CVE-2021-34432 (In Eclipse Mosquitto versions 2.07 and earlier, the server
will crash ...)
+CVE-2021-34432 (In Eclipse Mosquitto versions 2.0.7 and earlier, the server
will crash ...)
- mosquitto 2.0.8-1
[buster] - mosquitto <ignored> (Vulnerable code is not accessible in
version 1.x)
[stretch] - mosquitto <ignored> (Vulnerable code is not accessible in
version 1.x)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbef361db2f7666178c47d434de15ee8786f281e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbef361db2f7666178c47d434de15ee8786f281e
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits