Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4e25381c by Moritz Muehlenhoff at 2026-07-09T22:28:14+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -158,7 +158,7 @@ CVE-2026-56288 (GNU patch is vulnerable to a NULL pointer 
dereference when proce
        NOTE: 
https://cgit.git.savannah.gnu.org/cgit/patch.git/commit/?id=e6d6a4e021660679d7fc9150f981d4920f722313
        NOTE: Crash in CLI tool, no security impact
 CVE-2026-55590 (CakePHP Authentication is an authentication plugin for CakePHP 
that ca ...)
-       TODO: check
+       NOT-FOR-US: CakePHP plugin
 CVE-2026-55420 (Discourse is an open-source discussion platform. Prior to 
2026.6.0, 20 ...)
        NOT-FOR-US: Discourse
 CVE-2026-54801 (A vulnerability has been identified in CPCI85 Central 
Processing/Commu ...)
@@ -170,7 +170,7 @@ CVE-2026-54799 (A vulnerability has been identified in 
CPCI85 Central Processing
 CVE-2026-54798 (A vulnerability has been identified in CPCI85 Central 
Processing/Commu ...)
        NOT-FOR-US: Siemens
 CVE-2026-54695 (Pipecat is an open-source Python framework for building 
real-time voic ...)
-       TODO: check
+       NOT-FOR-US: Pipecat
 CVE-2026-54005 (Kirby is an open-source content management system. Prior to 
4.9.4 and  ...)
        NOT-FOR-US: Kirby CMS
 CVE-2026-54004 (Kirby is an open-source content management system. Prior to 
4.9.4 and  ...)
@@ -202,7 +202,7 @@ CVE-2026-51598 (An input validation vulnerability in the 
RTSP service of MERCURY
 CVE-2026-51597 (MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does 
not imp ...)
        NOT-FOR-US: MERCURY
 CVE-2026-50644 (SOPlanning is vulnerable to SQL injection in the audit 
retention confi ...)
-       TODO: check
+       NOT-FOR-US: SOPlanning
 CVE-2026-50188 (Kirby is an open-source content management system. Prior to 
4.9.4 and  ...)
        NOT-FOR-US: Kirby CMS
 CVE-2026-4653 (The Block, Suspend, Report for BuddyPress plugin for WordPress 
is vuln ...)
@@ -212,47 +212,47 @@ CVE-2026-4298 (The DSGVO All in one for WP plugin for 
WordPress is vulnerable to
 CVE-2026-4275 (The Divi Torque Lite \u2013 Divi Theme, Divi Builder & Extra 
Theme plu ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-4256 (Improper neutralization of special elements used in an LDAP 
query ('LD ...)
-       TODO: check
+       NOT-FOR-US: PassGate
 CVE-2026-49276 (Kirby is an open-source content management system. Prior to 
4.9.4 and  ...)
-       TODO: check
+       NOT-FOR-US: Kirby CMS
 CVE-2026-49274 (Kirby is an open-source content management system. Prior to 
4.9.4 and  ...)
-       TODO: check
+       NOT-FOR-US: Kirby CMS
 CVE-2026-43752 (An authenticated administrator may be able to achieve 
arbitrary code e ...)
        NOT-FOR-US: Apple
 CVE-2026-33390 (An Incorrect Privilege Assignment vulnerability was discovered 
in the  ...)
-       TODO: check
+       NOT-FOR-US: Nozomi
 CVE-2026-31985 (When the upstream Guardian or CMC was configured in the Remote 
Collect ...)
-       TODO: check
+       NOT-FOR-US: Nozomi
 CVE-2026-31984 (A denial-of-service vulnerability caused by unbounded resource 
allocat ...)
-       TODO: check
+       NOT-FOR-US: Nozomi
 CVE-2026-31983 (A Missing Authentication vulnerability was discovered in the 
SSH keys  ...)
-       TODO: check
+       NOT-FOR-US: Nozomi
 CVE-2026-31982 (An Open Redirect vulnerability was discovered in the SAML 
Single Sign- ...)
-       TODO: check
+       NOT-FOR-US: Nozomi
 CVE-2026-31981 (A Stored HTML Injection vulnerability was discovered in the 
Diagram ta ...)
-       TODO: check
+       NOT-FOR-US: Nozomi
 CVE-2026-2342 (Improper neutralization of input during web page generation 
('cross-si ...)
-       TODO: check
+       NOT-FOR-US: ValeApp
 CVE-2026-1989 (Authorization bypass through User-Controlled key vulnerability 
in PAVO ...)
-       TODO: check
+       NOT-FOR-US: PAVO Pay
 CVE-2026-1365 (Insertion of sensitive information into sent data vulnerability 
in Say ...)
-       TODO: check
+       NOT-FOR-US: OSOS
 CVE-2026-15308 (The incremental HTML parser (html.parser.HTMLParser) allows 
for CPU de ...)
        TODO: check
 CVE-2026-15204 (A vulnerability was detected in TOTOLINK X5000R 
9.1.0cu.2415_B20250515 ...)
        NOT-FOR-US: TOTOLINK
 CVE-2026-15202 (A security vulnerability has been detected in YzmCMS up to 
7.5. Affect ...)
-       TODO: check
+       NOT-FOR-US: YzmCMS
 CVE-2026-15195 (A weakness has been identified in apidevtools 
json-schema-ref-parser u ...)
-       TODO: check
+       NOT-FOR-US: json-schema-ref-parser
 CVE-2026-15194 (A security flaw has been discovered in Open5GS 2.7.7. This 
affects the ...)
-       TODO: check
+       - open5gs <itp> (bug #1094791)
 CVE-2026-15193 (A vulnerability was determined in AidanPark openclaw-android 
up to 0.4 ...)
-       TODO: check
+       NOT-FOR-US: openclaw-android
 CVE-2026-15192 (A vulnerability has been found in mettle sendportal up to 
3.0.1. This  ...)
-       TODO: check
+       NOT-FOR-US: mettle sendportal
 CVE-2026-15191 (A flaw has been found in mettle sendportal up to 3.0.1. This 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: mettle sendportal
 CVE-2026-15190 (A vulnerability was detected in SourceCodester Simple and Nice 
Shoppin ...)
        NOT-FOR-US: SourceCodester
 CVE-2026-15189 (A security vulnerability has been detected in aerostackdev 
aerostack-m ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e25381c0b92242d3dd482f6ba05c836753c21e4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e25381c0b92242d3dd482f6ba05c836753c21e4
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to