Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1661f14a by security tracker role at 2026-05-04T07:12:54+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,123 @@
+CVE-2026-7740 (A security vulnerability has been detected in justdan96 tsMuxer 
up to  ...)
+       TODO: check
+CVE-2026-7739 (A weakness has been identified in justdan96 tsMuxer up to 
2.7.0. This  ...)
+       TODO: check
+CVE-2026-7738 (A security flaw has been discovered in puchunjie doc-tools-mcp 
1.0.18. ...)
+       TODO: check
+CVE-2026-7737 (A vulnerability was identified in osrg GoBGP up to 4.3.0. 
Affected by  ...)
+       TODO: check
+CVE-2026-7736 (A vulnerability was determined in osrg GoBGP up to 4.3.0. 
Affected by  ...)
+       TODO: check
+CVE-2026-7735 (A vulnerability was found in osrg GoBGP up to 4.3.0. Affected 
is the f ...)
+       TODO: check
+CVE-2026-7734 (A vulnerability has been found in osrg GoBGP up to 4.3.0. This 
impacts ...)
+       TODO: check
+CVE-2026-7733 (A flaw has been found in funadmin up to 7.1.0-rc6. This affects 
the fu ...)
+       TODO: check
+CVE-2026-7732 (A vulnerability was detected in code-projects BloodBank 
Managing Syste ...)
+       TODO: check
+CVE-2026-7731 (A security vulnerability has been detected in code-projects 
BloodBank  ...)
+       TODO: check
+CVE-2026-7730 (A weakness has been identified in privsim mcp-test-runner 
0.2.0. Impac ...)
+       TODO: check
+CVE-2026-7729 (A security flaw has been discovered in pixelsock directus-mcp 
1.0.0. T ...)
+       TODO: check
+CVE-2026-7728 (A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. 
This vul ...)
+       TODO: check
+CVE-2026-7727 (A vulnerability was determined in Shandong Hoteam Software PDM 
Product ...)
+       TODO: check
+CVE-2026-7725 (A vulnerability was found in PrefectHQ prefect up to 
3.6.25.dev6. Affe ...)
+       TODO: check
+CVE-2026-7724 (A vulnerability has been found in PrefectHQ prefect up to 
3.6.28.dev1. ...)
+       TODO: check
+CVE-2026-7723 (A flaw has been found in PrefectHQ prefect up to 3.6.13. 
Affected is a ...)
+       TODO: check
+CVE-2026-7722 (A vulnerability was detected in PrefectHQ prefect up to 3.6.21. 
This i ...)
+       TODO: check
+CVE-2026-7721 (A security vulnerability has been detected in Totolink WA300 
5.2cu.711 ...)
+       TODO: check
+CVE-2026-7720 (A weakness has been identified in Totolink WA300 
5.2cu.7112_B20190227. ...)
+       TODO: check
+CVE-2026-7719 (A security flaw has been discovered in Totolink WA300 
5.2cu.7112_B2019 ...)
+       TODO: check
+CVE-2026-7718 (A vulnerability was identified in Totolink WA300 
5.2cu.7112_B20190227. ...)
+       TODO: check
+CVE-2026-7717 (A vulnerability was determined in Totolink WA300 
5.2cu.7112_B20190227. ...)
+       TODO: check
+CVE-2026-7716 (A vulnerability was found in code-projects Gym Management 
System In PH ...)
+       TODO: check
+CVE-2026-7715 (A vulnerability has been found in ravenwits mcp-server-arangodb 
up to  ...)
+       TODO: check
+CVE-2026-7714 (A flaw has been found in crocodilestick Calibre-Web-Automated 
up to 4. ...)
+       TODO: check
+CVE-2026-7713 (A vulnerability was detected in crocodilestick 
Calibre-Web-Automated u ...)
+       TODO: check
+CVE-2026-7712 (A security vulnerability has been detected in MindsDB up to 
26.01. Aff ...)
+       TODO: check
+CVE-2026-7711 (A weakness has been identified in MindsDB up to 26.01. This 
impacts th ...)
+       TODO: check
+CVE-2026-7710 (A security flaw has been discovered in YunaiV yudao-cloud up to 
3.8.0. ...)
+       TODO: check
+CVE-2026-7709 (A vulnerability was identified in janeczku Calibre-Web up to 
0.6.26. T ...)
+       TODO: check
+CVE-2026-7708 (A vulnerability was determined in Open5GS up to 2.7.7. The 
affected el ...)
+       TODO: check
+CVE-2026-7707 (A vulnerability was found in Open5GS up to 2.7.7. Impacted is 
the func ...)
+       TODO: check
+CVE-2026-7706 (A vulnerability has been found in Open5GS up to 2.7.7. This 
issue affe ...)
+       TODO: check
+CVE-2026-7705 (A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This 
vulnerabilit ...)
+       TODO: check
+CVE-2026-7372 (A stack overflow vulnerability exists in the WebCam Server 
Login funct ...)
+       TODO: check
+CVE-2026-7371 (Multiple reflected cross-site scripting (xss) vulnerabilities 
exist in ...)
+       TODO: check
+CVE-2026-7161 (An insufficient encryption vulnerability exists in the Device 
Authenti ...)
+       TODO: check
+CVE-2026-6948 (Velociraptor versions prior to 0.76.4 contain a resource 
exhaustion vu ...)
+       TODO: check
+CVE-2026-5335 (The Magic Export & Import WordPress plugin before 1.2.0 stores 
exporte ...)
+       TODO: check
+CVE-2026-43864 (mutt before 2.3.2 has a show_sig_summary NULL pointer 
dereference.)
+       TODO: check
+CVE-2026-43863 (mutt before 2.3.2 has an infinite loop in 
data_object_to_stream in cry ...)
+       TODO: check
+CVE-2026-43862 (In mutt before 2.3.2, the imap_auth_gss security level is 
mishandled.)
+       TODO: check
+CVE-2026-43861 (mutt before 2.3.2 does not check for '\0' in url_pct_decode.)
+       TODO: check
+CVE-2026-43860 (mutt before 2.3.2 sometimes truncates the hash_passwd by one 
byte for  ...)
+       TODO: check
+CVE-2026-43859 (mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for 
the IMA ...)
+       TODO: check
+CVE-2026-42370 (A stack overflow vulnerability exists in the WebCam Server 
Login funct ...)
+       TODO: check
+CVE-2026-42369 (GV-VMS V20 is a Video Monitoring Software used to gather the 
feeds of  ...)
+       TODO: check
+CVE-2026-42368 (A privilege escalation vulnerability exists in the Web 
Interface funct ...)
+       TODO: check
+CVE-2026-42367 (A privilege escalation vulnerability exists in the Web 
Interface / ssi ...)
+       TODO: check
+CVE-2026-42366 (Multiple reflected cross-site scripting (xss) vulnerabilities 
exist in ...)
+       TODO: check
+CVE-2026-42365 (A guessable session cookie vulnerability exists in the Web 
Interface f ...)
+       TODO: check
+CVE-2026-42364 (An os command injection vulnerability exists in the 
DdnsSetting.cgi fu ...)
+       TODO: check
+CVE-2026-29200 (A critical IDOR vulnerability has been discovered in Comet 
Backup affe ...)
+       TODO: check
+CVE-2026-29199 (phpBB before 3.3.16 is vulnerable to Host Header Injection 
that can le ...)
+       TODO: check
+CVE-2026-20451 (In slbc, there is a possible out of bounds write due to type 
confusion ...)
+       TODO: check
+CVE-2026-20450 (In Modem, there is a possible system crash due to incorrect 
error hand ...)
+       TODO: check
+CVE-2026-20449 (In Modem, there is a possible system crash due to a heap 
buffer overfl ...)
+       TODO: check
+CVE-2026-20448 (In geniezone, there is a possible escalation of privilege due 
to a mis ...)
+       TODO: check
+CVE-2026-20447 (In geniezone, there is a possible escalation of privilege due 
to a mis ...)
+       TODO: check
 CVE-2026-7704 (A vulnerability has been found in AV Stumpfl Pixera Two Media 
Server u ...)
        NOT-FOR-US: AV Stumpfl Pixera Two Media Server
 CVE-2026-7703 (A flaw has been found in AV Stumpfl Pixera Two Media Server up 
to 25.2 ...)
@@ -4922,7 +5042,7 @@ CVE-2026-3259 (A Generation of Error Message Containing 
Sensitive Information vu
        NOT-FOR-US: BigQuery
 CVE-2026-39440 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2026-39087 (An issue in Ntfy ntfy.sh before v.2.21 allows a remote 
attacker to exe ...)
+CVE-2026-39087 (ntfy before 2.22.0 allows SSRF because of an unanchored 
regular expres ...)
        NOT-FOR-US: ntfy.sh
 CVE-2026-35225 (An unauthenticated remote attacker is able to exhaust all 
available TC ...)
        NOT-FOR-US: CODESYS



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1661f14a099f92d05875e2984f1f31205f6c0034

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1661f14a099f92d05875e2984f1f31205f6c0034
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to