Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4e25381c by Moritz Muehlenhoff at 2026-07-09T22:28:14+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -158,7 +158,7 @@ CVE-2026-56288 (GNU patch is vulnerable to a NULL pointer
dereference when proce
NOTE:
https://cgit.git.savannah.gnu.org/cgit/patch.git/commit/?id=e6d6a4e021660679d7fc9150f981d4920f722313
NOTE: Crash in CLI tool, no security impact
CVE-2026-55590 (CakePHP Authentication is an authentication plugin for CakePHP
that ca ...)
- TODO: check
+ NOT-FOR-US: CakePHP plugin
CVE-2026-55420 (Discourse is an open-source discussion platform. Prior to
2026.6.0, 20 ...)
NOT-FOR-US: Discourse
CVE-2026-54801 (A vulnerability has been identified in CPCI85 Central
Processing/Commu ...)
@@ -170,7 +170,7 @@ CVE-2026-54799 (A vulnerability has been identified in
CPCI85 Central Processing
CVE-2026-54798 (A vulnerability has been identified in CPCI85 Central
Processing/Commu ...)
NOT-FOR-US: Siemens
CVE-2026-54695 (Pipecat is an open-source Python framework for building
real-time voic ...)
- TODO: check
+ NOT-FOR-US: Pipecat
CVE-2026-54005 (Kirby is an open-source content management system. Prior to
4.9.4 and ...)
NOT-FOR-US: Kirby CMS
CVE-2026-54004 (Kirby is an open-source content management system. Prior to
4.9.4 and ...)
@@ -202,7 +202,7 @@ CVE-2026-51598 (An input validation vulnerability in the
RTSP service of MERCURY
CVE-2026-51597 (MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does
not imp ...)
NOT-FOR-US: MERCURY
CVE-2026-50644 (SOPlanning is vulnerable to SQL injection in the audit
retention confi ...)
- TODO: check
+ NOT-FOR-US: SOPlanning
CVE-2026-50188 (Kirby is an open-source content management system. Prior to
4.9.4 and ...)
NOT-FOR-US: Kirby CMS
CVE-2026-4653 (The Block, Suspend, Report for BuddyPress plugin for WordPress
is vuln ...)
@@ -212,47 +212,47 @@ CVE-2026-4298 (The DSGVO All in one for WP plugin for
WordPress is vulnerable to
CVE-2026-4275 (The Divi Torque Lite \u2013 Divi Theme, Divi Builder & Extra
Theme plu ...)
NOT-FOR-US: WordPress plugin
CVE-2026-4256 (Improper neutralization of special elements used in an LDAP
query ('LD ...)
- TODO: check
+ NOT-FOR-US: PassGate
CVE-2026-49276 (Kirby is an open-source content management system. Prior to
4.9.4 and ...)
- TODO: check
+ NOT-FOR-US: Kirby CMS
CVE-2026-49274 (Kirby is an open-source content management system. Prior to
4.9.4 and ...)
- TODO: check
+ NOT-FOR-US: Kirby CMS
CVE-2026-43752 (An authenticated administrator may be able to achieve
arbitrary code e ...)
NOT-FOR-US: Apple
CVE-2026-33390 (An Incorrect Privilege Assignment vulnerability was discovered
in the ...)
- TODO: check
+ NOT-FOR-US: Nozomi
CVE-2026-31985 (When the upstream Guardian or CMC was configured in the Remote
Collect ...)
- TODO: check
+ NOT-FOR-US: Nozomi
CVE-2026-31984 (A denial-of-service vulnerability caused by unbounded resource
allocat ...)
- TODO: check
+ NOT-FOR-US: Nozomi
CVE-2026-31983 (A Missing Authentication vulnerability was discovered in the
SSH keys ...)
- TODO: check
+ NOT-FOR-US: Nozomi
CVE-2026-31982 (An Open Redirect vulnerability was discovered in the SAML
Single Sign- ...)
- TODO: check
+ NOT-FOR-US: Nozomi
CVE-2026-31981 (A Stored HTML Injection vulnerability was discovered in the
Diagram ta ...)
- TODO: check
+ NOT-FOR-US: Nozomi
CVE-2026-2342 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: ValeApp
CVE-2026-1989 (Authorization bypass through User-Controlled key vulnerability
in PAVO ...)
- TODO: check
+ NOT-FOR-US: PAVO Pay
CVE-2026-1365 (Insertion of sensitive information into sent data vulnerability
in Say ...)
- TODO: check
+ NOT-FOR-US: OSOS
CVE-2026-15308 (The incremental HTML parser (html.parser.HTMLParser) allows
for CPU de ...)
TODO: check
CVE-2026-15204 (A vulnerability was detected in TOTOLINK X5000R
9.1.0cu.2415_B20250515 ...)
NOT-FOR-US: TOTOLINK
CVE-2026-15202 (A security vulnerability has been detected in YzmCMS up to
7.5. Affect ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2026-15195 (A weakness has been identified in apidevtools
json-schema-ref-parser u ...)
- TODO: check
+ NOT-FOR-US: json-schema-ref-parser
CVE-2026-15194 (A security flaw has been discovered in Open5GS 2.7.7. This
affects the ...)
- TODO: check
+ - open5gs <itp> (bug #1094791)
CVE-2026-15193 (A vulnerability was determined in AidanPark openclaw-android
up to 0.4 ...)
- TODO: check
+ NOT-FOR-US: openclaw-android
CVE-2026-15192 (A vulnerability has been found in mettle sendportal up to
3.0.1. This ...)
- TODO: check
+ NOT-FOR-US: mettle sendportal
CVE-2026-15191 (A flaw has been found in mettle sendportal up to 3.0.1. This
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: mettle sendportal
CVE-2026-15190 (A vulnerability was detected in SourceCodester Simple and Nice
Shoppin ...)
NOT-FOR-US: SourceCodester
CVE-2026-15189 (A security vulnerability has been detected in aerostackdev
aerostack-m ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e25381c0b92242d3dd482f6ba05c836753c21e4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e25381c0b92242d3dd482f6ba05c836753c21e4
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits