Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9fefcbc0 by security tracker role at 2026-07-07T07:14:02+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -75,9 +75,9 @@ CVE-2026-50134 (Hugo is a static site generator. From 0.91.0
until 0.162.0, reso
CVE-2026-50133 (Hugo is a static site generator. Prior to 0.162.0, Hugo
accepts conten ...)
TODO: check
CVE-2026-4375 (The DoLeads Integrator WordPress plugin through 0.65, wp2epub
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-48267 (DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL
Pointer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-44362 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
TODO: check
CVE-2026-43928 (FOSSBilling is a free, open-source billing and client
management syste ...)
@@ -175,55 +175,55 @@ CVE-2026-33734 (FOSSBilling is a free, open-source
billing and client management
CVE-2026-32718 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
TODO: check
CVE-2026-27844 (Uncaught Exception (CWE-248)in the Controller 6000 and
Controller 7000 ...)
- TODO: check
+ NOT-FOR-US: Gallagher
CVE-2026-27790 (Uncaught Exception (CWE-248)inthe T20 Readersallows an
authenticated a ...)
- TODO: check
+ NOT-FOR-US: Gallagher
CVE-2026-26053 (AnIncorrect Privilege Assignment (CWE-266)vulnerability inthe
Command ...)
- TODO: check
+ NOT-FOR-US: Gallagher
CVE-2026-25271 (Memory Corruption when processing asynchronous input
parameters due to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-25268 (Memory Corruption when processing invalid HT40 channel layouts
during ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21384 (Memory Corruption when updating prepared commands with invalid
port in ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21383 (Cryptographic Issue when using a static initialization vector
for AES- ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21379 (Memory Corruption when allocating memory with sizes that
exceed the ma ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21370 (Memory Corruption when validating input batch size and buffer
plane co ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21369 (Memory Corruption when handling flash commands due to outdated
LED cou ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21368 (Memory Corruption when parsing jpeg commands due to
unaccounted extra ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-14898 (The OpenAI Codex desktop app for macOS rendered remote images
from Mar ...)
TODO: check
CVE-2026-14536 (Improper enforcement of a mandatory multi-factor
authentication policy ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-14471 (Improper Neutralization of Special Elements in the
metrics-service ret ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-14468 (HashiCorp Terraform Enterprise contained an issue in its
version contr ...)
TODO: check
CVE-2026-14345 (The WPFunnels \u2013 Funnel Builder for WooCommerce with
Checkout & On ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-13356 (A malicious webpage could interrupt a pending navigation by
enqueuing ...)
TODO: check
CVE-2026-12375 (The uncanny-automator-pro WordPress plugin before 7.3.0.6 was
distribu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12277 (The Frontend File Manager Plugin WordPress plugin through 23.6
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11405 (The web server binary /bin/httpd contains a hidden backdoor
authentica ...)
TODO: check
CVE-2026-11328 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-10834 (The WP Travel Engine WordPress plugin before 6.8.1 does not
properly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-59617 (Memory Corruption when processing multiple IOCTL calls with
the same b ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-59616 (Memory Corruption when processing multiple IOCTL calls with
the same b ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-59615 (Memory Corruption when invoking device input/output control
operations ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-56141 (Minosoft is an open-source, multi-version Minecraft Java
Edition clien ...)
TODO: check
CVE-2026-49861
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fefcbc0dbe1bdc6ba91a99eba39cfc275bb413b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fefcbc0dbe1bdc6ba91a99eba39cfc275bb413b
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits