Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fc9c5ff4 by security tracker role at 2026-07-03T19:16:09+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2026-9756 (The GenerateBlocks plugin for WordPress is vulnerable to Stored
Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9230 (The Quiz and Survey Master (QSM) \u2013 Easy Quiz and Survey
Maker plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9148 (The Comments \u2013 wpDiscuz plugin for WordPress is vulnerable
to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8804 (Puppet resource_api (shipped in Puppet Core 8.x and Puppet
Enterprise ...)
TODO: check
CVE-2026-8351 (The RTMKit plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-5137 (The RTMKit (rometheme-for-elementor) plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-59234 (Authorization Bypass Through User-Controlled Key (CWE-639) in
Calendar ...)
TODO: check
CVE-2026-58379 (A flaw was found in GIMP's Paint Shop Pro (PSP) file format
parser. Th ...)
TODO: check
CVE-2026-56085 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-56015 (Net::IP::LPM versions through 1.10 for Perl allow a heap
out-of-bounds ...)
TODO: check
CVE-2026-54483 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-53478 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-50238
REJECTED
CVE-2026-4804 (The Zakra theme for WordPress is vulnerable to Stored
Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4322 (Improper neutralization of input during web page generation
('cross-si ...)
TODO: check
CVE-2026-4321 (Improper neutralization of special elements used in an SQL
command ('S ...)
TODO: check
CVE-2026-49815 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-49814 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-49813 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-47898 (Improper Restriction of XML External Entity Reference
vulnerability in ...)
TODO: check
CVE-2026-47897 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
@@ -43,31 +43,31 @@ CVE-2026-47897 (Improper Limitation of a Pathname to a
Restricted Directory ('Pa
CVE-2026-47896 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
TODO: check
CVE-2026-46730 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-46468 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-46467 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-46466 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-46465 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-46464 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-46463 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-44269 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-44268 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-41124 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-41123 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-35159 (Dell Client Platform BIOS contains an Authentication Bypass by
Primary ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-26355 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7,
LTS2026 r ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-14631 (webpack-dev-server versions 5.2.5 and earlier terminate the
whole Node ...)
TODO: check
CVE-2026-14620 (webpack-dev-server versions 5.2.5 and earlier expose two
internal deve ...)
@@ -91,15 +91,15 @@ CVE-2026-14459 (Improper neutralization of argument
delimiters in a command ('ar
CVE-2026-13341 (A vulnerability exists in the Kong Konnect Model Context
Protocol (MCP ...)
TODO: check
CVE-2026-11900 (The Ad Inserter \u2013 Ad Manager & AdSense Ads plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11778 (The The CURCY \u2013 Multi Currency for WooCommerce \u2013
Smoothly on ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11398 (The LatePoint \u2013 Calendar Booking Plugin for Appointments
and Even ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-10055 (In Eclipse Theia since version 1.26.0, the backend
/services/request-s ...)
- TODO: check
+ NOT-FOR-US: Eclipse
CVE-2026-10054 (In affected versions of Eclipse Theia (1.8.1 and later), the
browser b ...)
- TODO: check
+ NOT-FOR-US: Eclipse
CVE-2026-14355 [PHP: ext/openssl: Memory corruption (zend_mm_heap corrupted)
in openssl_encrypt with AES-WRAP-PAD]
- php8.4 <unfixed>
- php8.2 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9c5ff4b73e1713d500d0cf62382ed7b144cc82
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9c5ff4b73e1713d500d0cf62382ed7b144cc82
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits