Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fc9c5ff4 by security tracker role at 2026-07-03T19:16:09+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2026-9756 (The GenerateBlocks plugin for WordPress is vulnerable to Stored 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-9230 (The Quiz and Survey Master (QSM) \u2013 Easy Quiz and Survey 
Maker plu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-9148 (The Comments \u2013 wpDiscuz plugin for WordPress is vulnerable 
to Sto ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-8804 (Puppet resource_api (shipped in Puppet Core 8.x and Puppet 
Enterprise  ...)
        TODO: check
 CVE-2026-8351 (The RTMKit plugin for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-5137 (The RTMKit (rometheme-for-elementor) plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-59234 (Authorization Bypass Through User-Controlled Key (CWE-639) in 
Calendar ...)
        TODO: check
 CVE-2026-58379 (A flaw was found in GIMP's Paint Shop Pro (PSP) file format 
parser. Th ...)
        TODO: check
 CVE-2026-56085 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-56015 (Net::IP::LPM versions through 1.10 for Perl allow a heap 
out-of-bounds ...)
        TODO: check
 CVE-2026-54483 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-53478 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-50238
        REJECTED
 CVE-2026-4804 (The Zakra theme for WordPress is vulnerable to Stored 
Cross-Site Scrip ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-4322 (Improper neutralization of input during web page generation 
('cross-si ...)
        TODO: check
 CVE-2026-4321 (Improper neutralization of special elements used in an SQL 
command ('S ...)
        TODO: check
 CVE-2026-49815 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-49814 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-49813 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-47898 (Improper Restriction of XML External Entity Reference 
vulnerability in ...)
        TODO: check
 CVE-2026-47897 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
@@ -43,31 +43,31 @@ CVE-2026-47897 (Improper Limitation of a Pathname to a 
Restricted Directory ('Pa
 CVE-2026-47896 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        TODO: check
 CVE-2026-46730 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-46468 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-46467 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-46466 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-46465 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-46464 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-46463 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-44269 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-44268 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-41124 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-41123 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-35159 (Dell Client Platform BIOS contains an Authentication Bypass by 
Primary ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-26355 (Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, 
LTS2026 r ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2026-14631 (webpack-dev-server versions 5.2.5 and earlier terminate the 
whole Node ...)
        TODO: check
 CVE-2026-14620 (webpack-dev-server versions 5.2.5 and earlier expose two 
internal deve ...)
@@ -91,15 +91,15 @@ CVE-2026-14459 (Improper neutralization of argument 
delimiters in a command ('ar
 CVE-2026-13341 (A vulnerability exists in the Kong Konnect Model Context 
Protocol (MCP ...)
        TODO: check
 CVE-2026-11900 (The Ad Inserter \u2013 Ad Manager & AdSense Ads plugin for 
WordPress i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-11778 (The The CURCY \u2013 Multi Currency for WooCommerce \u2013 
Smoothly on ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-11398 (The LatePoint \u2013 Calendar Booking Plugin for Appointments 
and Even ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-10055 (In Eclipse Theia since version 1.26.0, the backend 
/services/request-s ...)
-       TODO: check
+       NOT-FOR-US: Eclipse
 CVE-2026-10054 (In affected versions of Eclipse Theia (1.8.1 and later), the 
browser b ...)
-       TODO: check
+       NOT-FOR-US: Eclipse
 CVE-2026-14355 [PHP: ext/openssl: Memory corruption (zend_mm_heap corrupted) 
in openssl_encrypt with AES-WRAP-PAD]
        - php8.4 <unfixed>
        - php8.2 <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9c5ff4b73e1713d500d0cf62382ed7b144cc82

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9c5ff4b73e1713d500d0cf62382ed7b144cc82
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to