Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7cfb742e by security tracker role at 2026-07-13T19:14:05+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2026-9597 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 
11.6.4 fail to ve
 CVE-2026-9571 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x 
<= 10. ...)
        TODO: check
 CVE-2026-6875 (ServiceNow has addressed a remote code execution vulnerability 
that wa ...)
-       TODO: check
+       NOT-FOR-US: ServiceNow
 CVE-2026-6850 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x 
<= 10. ...)
        TODO: check
 CVE-2026-6847 (Remote Code Execution vulnerability exists in ThemisNETPanel 
due to mi ...)
@@ -21,29 +21,29 @@ CVE-2026-62147 (The Tempo Operator's gateway component 
failed to consistently ap
 CVE-2026-62143 (A Server-Side Request Forgery (SSRF) protection bypass existed 
in the  ...)
        TODO: check
 CVE-2026-61985 (Missing Authorization vulnerability in magepeopleteam Car 
Rental Manag ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61983 (Missing Authorization vulnerability in andy_moyle Church Admin 
church- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61977 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61976 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61975 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61971 (Authorization Bypass Through User-Controlled Key vulnerability 
in Cozm ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61970 (Server-Side Request Forgery (SSRF) vulnerability in Themeisle 
Auto Fea ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61968 (Missing Authorization vulnerability in Saad Iqbal myCred 
mycred allows ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61958 (Missing Authorization vulnerability in Saad Iqbal License 
Manager for  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61956 (Cross-Site Request Forgery (CSRF) vulnerability in hamsalam 
\u0648\u06 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61955 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61952 (Missing Authorization vulnerability in Jose Vega WooCommerce 
Bulk Edit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-61692
        REJECTED
 CVE-2026-61505 (Rejetto HFS 3.0.0 through 3.2.0 allows path traversal through 
the lang ...)
@@ -69,15 +69,15 @@ CVE-2026-60121 (Vitec Flamingo 4.12.2 contains an 
unauthenticated OS command inj
 CVE-2026-60103 (Blender 3.0.0 through 5.1.2 contains an out-of-bounds read 
vulnerabili ...)
        TODO: check
 CVE-2026-59523 (Missing Authorization vulnerability in NSquared Simply 
Schedule Appoin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-59521 (Deserialization of Untrusted Data vulnerability in 
ShapedPlugin LLC Re ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-59518 (Deserialization of Untrusted Data vulnerability in wpWax 
Directorist d ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-59516 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-59515 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-59245 (In the Apache Airflow FAB auth manager, a DAG whose `dag_id` 
is `DAGs` ...)
        TODO: check
 CVE-2026-58228 (Cross-site scripting vulnerability in phoenixframework 
phoenix_live_vi ...)
@@ -85,277 +85,277 @@ CVE-2026-58228 (Cross-site scripting vulnerability in 
phoenixframework phoenix_l
 CVE-2026-58065 (The Apache Airflow Git provider runs its git-over-SSH 
operations with  ...)
        TODO: check
 CVE-2026-57830 (The Joomla extension Helix Ultimate is vulnerable to an 
unauthenticate ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2026-57829 (The Joomla extension Helix Ultimate is vulnerable to an 
unauthenticate ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2026-57816 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57815 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57814 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57813 (Incorrect Privilege Assignment vulnerability in properfraction 
MailOpt ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57812 (Missing Authorization vulnerability in NSquared Simply 
Schedule Appoin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57811 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57810 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57805 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57804 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57803 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57802 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57801 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57800 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57799 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57798 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57797 (Missing Authorization vulnerability in ThemeMove EduMall 
edumall allow ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57796 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57795 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57794 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57793 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57792 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57791 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57790 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57789 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57788 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57787 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57786 (Cross-Site Request Forgery (CSRF) vulnerability in purethemes 
WorkScou ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57783 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57782 (Missing Authorization vulnerability in PressTigers Universal 
Clocks un ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57781 (Missing Authorization vulnerability in Sovlix MeetingHub 
meetinghub al ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57780 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57779 (Missing Authorization vulnerability in themebeez Fascinate 
fascinate a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57778 (Missing Authorization vulnerability in wpdevart Booking 
calendar, Appo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57776 (Missing Authorization vulnerability in vowelweb VW Wedding 
vw-wedding  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57774 (Missing Authorization vulnerability in vowelweb VW Food Corner 
vw-food ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57773 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57772 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57771 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57770 (Deserialization of Untrusted Data vulnerability in ThemeGoods 
Grand Ph ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57768 (Incorrect Privilege Assignment vulnerability in favethemes 
Houzez Logi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57745 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57744 (Deserialization of Untrusted Data vulnerability in stmcan 
RT-Theme 18  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57743 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57741 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57740 (Missing Authorization vulnerability in AcyMailing Newsletter 
Team AcyM ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57739 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57738 (Deserialization of Untrusted Data vulnerability in axiomthemes 
777 tri ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57734 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57733 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57732 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57729 (Missing Authorization vulnerability in UX-themes Flatsome 
flatsome all ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57728 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57727 (Missing Authorization vulnerability in Themeum Kirki kirki 
allows Expl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57726 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57725 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57724 (Deserialization of Untrusted Data vulnerability in Themeum 
Kirki kirki ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57719 (Unrestricted Upload of File with Dangerous Type vulnerability 
in CodeR ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57718 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57715 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57714 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57713 (Deserialization of Untrusted Data vulnerability in Marcus (aka 
@msykes ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57712 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57711 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57710 (Unrestricted Upload of File with Dangerous Type vulnerability 
in quant ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57709 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57708 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57707 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57706 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57705 (Missing Authorization vulnerability in Nexcess Event Tickets 
event-tic ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57702 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57698 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57697 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57695 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57694 (Authorization Bypass Through User-Controlled Key vulnerability 
in Them ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57693 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57691 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57668 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57433 (Storable versions before 3.41 for Perl have a signed integer 
overflow  ...)
        TODO: check
 CVE-2026-57432 (Perl versions through 5.43.10 have an integer overflow in 
S_measure_st ...)
        TODO: check
 CVE-2026-57424 (Missing Authorization vulnerability in knitpay Razorpay 
Payment Links  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57423 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57422 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57421 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57420 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57419 (Missing Authorization vulnerability in Fahad Mahmood Stock 
Locations f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57418 (Missing Authorization vulnerability in BoldGrid Client 
Invoicing by Sp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57417 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57416 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57415 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57414 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57413 (Server-Side Request Forgery (SSRF) vulnerability in bdthemes 
Instant I ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57412 (Missing Authorization vulnerability in Codemenschen Gift 
Vouchers gift ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57411 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57410 (Incorrect Privilege Assignment vulnerability in MailerPress 
Team Maile ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57409 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57408 (Missing Authorization vulnerability in peachpayments Peach 
Payments Ga ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57407 (Server-Side Request Forgery (SSRF) vulnerability in WP Swings 
PDF Gene ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57406 (Missing Authorization vulnerability in Roxnor FundEngine 
wp-fundraisin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57405 (Missing Authorization vulnerability in themehunk Open Shop 
open-shop a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57404 (Missing Authorization vulnerability in magepeopleteam Booking 
and Rent ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57403 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57402 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57401 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57400 (Missing Authorization vulnerability in WP Swings Event Tickets 
Manager ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57399 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57398 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57396 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57395 (Missing Authorization vulnerability in Themefic Tourfic 
tourfic allows ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57394 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57393 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57392 (Missing Authorization vulnerability in Themefic Tourfic 
tourfic allows ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57391 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57390 (Missing Authorization vulnerability in EDGARROJAS Extra 
Product Option ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57389 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57388 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57387 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57386 (Incorrect Privilege Assignment vulnerability in Kodezen LLC 
aBlocks ab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57385 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57383 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57382 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57381 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57380 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57379 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57378 (Missing Authorization vulnerability in Phil Kurth Advanced 
Forms advan ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57377 (Missing Authorization vulnerability in WPXPO WowAddons 
product-addons  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57376 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57375 (Missing Authorization vulnerability in FluxBuilder MStore API 
mstore-a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57372 (Server-Side Request Forgery (SSRF) vulnerability in denishua 
WPJAM Bas ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57371 (Deserialization of Untrusted Data vulnerability in denishua 
WPJAM Basi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57369 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57368 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57365 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57364 (Improper Validation of Specified Quantity in Input 
vulnerability in WP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57363 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-55772 (CedarJava is an open source Java implementation of the Cedar 
policy la ...)
        TODO: check
 CVE-2026-53365 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)
@@ -375,9 +375,9 @@ CVE-2026-49970 (Laravel-Mediable before 7.0.0 contains a 
path traversal vulnerab
 CVE-2026-49969 (Laravel-Mediable before 7.0.0 contains a server-side request 
forgery v ...)
        TODO: check
 CVE-2026-49876 (Authenticated SSRF in Gravitino JobManager allows server-side 
HTTP req ...)
-       TODO: check
+       NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-41041 (URL path injection via unencoded user-supplied identifiers 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-40553 (Buffer overflow vulnerability has been found in 
"extension/readdir.c"  ...)
        TODO: check
 CVE-2026-40469 (Integer overflow vulnerability has been found in "builtin.c" 
program f ...)
@@ -411,9 +411,9 @@ CVE-2026-15584 (A privilege escalation vulnerability was 
found in the incluster-
 CVE-2026-15574 (A flaw was found in the vllm-orchestrator-gateway component. 
The syste ...)
        TODO: check
 CVE-2026-15559 (A vulnerability was detected in CodeAstro Simple Online Leave 
Manageme ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2026-15558 (A security vulnerability has been detected in CodeAstro Simple 
Online  ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2026-15557 (A weakness has been identified in waooAI waoowaoo up to 0.4.1. 
Affecte ...)
        TODO: check
 CVE-2026-15548 (A security vulnerability has been detected in Shibby Tomato up 
to 1.28 ...)
@@ -427,13 +427,13 @@ CVE-2026-15545 (A vulnerability was identified in Shibby 
Tomato up to 1.28.0000.
 CVE-2026-15544 (A vulnerability was determined in Shibby Tomato up to 
1.28.0000. Affec ...)
        TODO: check
 CVE-2026-15543 (A vulnerability was found in Tenda CH22 1.0.0.1. This impacts 
the func ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2026-15542 (A vulnerability has been found in will-moss Isaiah up to 
1.36.9. This  ...)
        TODO: check
 CVE-2026-15541 (A flaw has been found in will-moss Isaiah up to 1.36.9. The 
impacted e ...)
        TODO: check
 CVE-2026-15540 (A vulnerability was detected in SourceCodester Online Book 
Store Syste ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-14934 (A Missing Authorization vulnerability in the repository 
creation funct ...)
        TODO: check
 CVE-2026-14906 (Pages with malicious titles could potentially allow saved PDF 
content  ...)
@@ -441,9 +441,9 @@ CVE-2026-14906 (Pages with malicious titles could 
potentially allow saved PDF co
 CVE-2026-14846 (In version 8.2.1 of PrestaShop, there is a vulnerability 
relating to t ...)
        TODO: check
 CVE-2026-14453 (This vulnerability is a critical Server-Side Template 
Injection (SSTI) ...)
-       TODO: check
+       NOT-FOR-US: Centreon
 CVE-2026-14165 (An Authorization Bypass Through User-Controlled Key 
vulnerability affe ...)
-       TODO: check
+       NOT-FOR-US: Dassault Systemes
 CVE-2026-13221 (Perl versions through 5.43.9 produce silently incorrect 
regular expres ...)
        TODO: check
 CVE-2026-13014 (A vulnerability inThales CERT "Suspicious" application =< 
1.3.4 allows ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cfb742e20a8ade99dbdfd14ea33b80e8499f91f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cfb742e20a8ade99dbdfd14ea33b80e8499f91f
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to