Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7cfb742e by security tracker role at 2026-07-13T19:14:05+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2026-9597 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <=
11.6.4 fail to ve
CVE-2026-9571 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x
<= 10. ...)
TODO: check
CVE-2026-6875 (ServiceNow has addressed a remote code execution vulnerability
that wa ...)
- TODO: check
+ NOT-FOR-US: ServiceNow
CVE-2026-6850 (Mattermost versions 11.7.x <= 11.7.2, 11.6.x <= 11.6.4, 10.11.x
<= 10. ...)
TODO: check
CVE-2026-6847 (Remote Code Execution vulnerability exists in ThemisNETPanel
due to mi ...)
@@ -21,29 +21,29 @@ CVE-2026-62147 (The Tempo Operator's gateway component
failed to consistently ap
CVE-2026-62143 (A Server-Side Request Forgery (SSRF) protection bypass existed
in the ...)
TODO: check
CVE-2026-61985 (Missing Authorization vulnerability in magepeopleteam Car
Rental Manag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61983 (Missing Authorization vulnerability in andy_moyle Church Admin
church- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61977 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61976 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61975 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61971 (Authorization Bypass Through User-Controlled Key vulnerability
in Cozm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61970 (Server-Side Request Forgery (SSRF) vulnerability in Themeisle
Auto Fea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61968 (Missing Authorization vulnerability in Saad Iqbal myCred
mycred allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61958 (Missing Authorization vulnerability in Saad Iqbal License
Manager for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61956 (Cross-Site Request Forgery (CSRF) vulnerability in hamsalam
\u0648\u06 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61955 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61952 (Missing Authorization vulnerability in Jose Vega WooCommerce
Bulk Edit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-61692
REJECTED
CVE-2026-61505 (Rejetto HFS 3.0.0 through 3.2.0 allows path traversal through
the lang ...)
@@ -69,15 +69,15 @@ CVE-2026-60121 (Vitec Flamingo 4.12.2 contains an
unauthenticated OS command inj
CVE-2026-60103 (Blender 3.0.0 through 5.1.2 contains an out-of-bounds read
vulnerabili ...)
TODO: check
CVE-2026-59523 (Missing Authorization vulnerability in NSquared Simply
Schedule Appoin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-59521 (Deserialization of Untrusted Data vulnerability in
ShapedPlugin LLC Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-59518 (Deserialization of Untrusted Data vulnerability in wpWax
Directorist d ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-59516 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-59515 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-59245 (In the Apache Airflow FAB auth manager, a DAG whose `dag_id`
is `DAGs` ...)
TODO: check
CVE-2026-58228 (Cross-site scripting vulnerability in phoenixframework
phoenix_live_vi ...)
@@ -85,277 +85,277 @@ CVE-2026-58228 (Cross-site scripting vulnerability in
phoenixframework phoenix_l
CVE-2026-58065 (The Apache Airflow Git provider runs its git-over-SSH
operations with ...)
TODO: check
CVE-2026-57830 (The Joomla extension Helix Ultimate is vulnerable to an
unauthenticate ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2026-57829 (The Joomla extension Helix Ultimate is vulnerable to an
unauthenticate ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2026-57816 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57815 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57814 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57813 (Incorrect Privilege Assignment vulnerability in properfraction
MailOpt ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57812 (Missing Authorization vulnerability in NSquared Simply
Schedule Appoin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57811 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57810 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57805 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57804 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57803 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57802 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57801 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57800 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57799 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57798 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57797 (Missing Authorization vulnerability in ThemeMove EduMall
edumall allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57796 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57795 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57794 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57793 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57792 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57791 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57790 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57789 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57788 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57787 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57786 (Cross-Site Request Forgery (CSRF) vulnerability in purethemes
WorkScou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57783 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57782 (Missing Authorization vulnerability in PressTigers Universal
Clocks un ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57781 (Missing Authorization vulnerability in Sovlix MeetingHub
meetinghub al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57780 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57779 (Missing Authorization vulnerability in themebeez Fascinate
fascinate a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57778 (Missing Authorization vulnerability in wpdevart Booking
calendar, Appo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57776 (Missing Authorization vulnerability in vowelweb VW Wedding
vw-wedding ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57774 (Missing Authorization vulnerability in vowelweb VW Food Corner
vw-food ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57773 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57772 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57771 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57770 (Deserialization of Untrusted Data vulnerability in ThemeGoods
Grand Ph ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57768 (Incorrect Privilege Assignment vulnerability in favethemes
Houzez Logi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57745 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57744 (Deserialization of Untrusted Data vulnerability in stmcan
RT-Theme 18 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57743 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57741 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57740 (Missing Authorization vulnerability in AcyMailing Newsletter
Team AcyM ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57739 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57738 (Deserialization of Untrusted Data vulnerability in axiomthemes
777 tri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57734 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57733 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57732 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57729 (Missing Authorization vulnerability in UX-themes Flatsome
flatsome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57728 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57727 (Missing Authorization vulnerability in Themeum Kirki kirki
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57726 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57725 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57724 (Deserialization of Untrusted Data vulnerability in Themeum
Kirki kirki ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57719 (Unrestricted Upload of File with Dangerous Type vulnerability
in CodeR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57718 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57715 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57714 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57713 (Deserialization of Untrusted Data vulnerability in Marcus (aka
@msykes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57712 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57711 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57710 (Unrestricted Upload of File with Dangerous Type vulnerability
in quant ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57709 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57708 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57707 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57706 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57705 (Missing Authorization vulnerability in Nexcess Event Tickets
event-tic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57702 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57698 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57697 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57695 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57694 (Authorization Bypass Through User-Controlled Key vulnerability
in Them ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57693 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57691 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57668 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57433 (Storable versions before 3.41 for Perl have a signed integer
overflow ...)
TODO: check
CVE-2026-57432 (Perl versions through 5.43.10 have an integer overflow in
S_measure_st ...)
TODO: check
CVE-2026-57424 (Missing Authorization vulnerability in knitpay Razorpay
Payment Links ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57423 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57422 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57421 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57420 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57419 (Missing Authorization vulnerability in Fahad Mahmood Stock
Locations f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57418 (Missing Authorization vulnerability in BoldGrid Client
Invoicing by Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57417 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57416 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57415 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57414 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57413 (Server-Side Request Forgery (SSRF) vulnerability in bdthemes
Instant I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57412 (Missing Authorization vulnerability in Codemenschen Gift
Vouchers gift ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57411 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57410 (Incorrect Privilege Assignment vulnerability in MailerPress
Team Maile ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57409 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57408 (Missing Authorization vulnerability in peachpayments Peach
Payments Ga ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57407 (Server-Side Request Forgery (SSRF) vulnerability in WP Swings
PDF Gene ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57406 (Missing Authorization vulnerability in Roxnor FundEngine
wp-fundraisin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57405 (Missing Authorization vulnerability in themehunk Open Shop
open-shop a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57404 (Missing Authorization vulnerability in magepeopleteam Booking
and Rent ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57403 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57402 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57401 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57400 (Missing Authorization vulnerability in WP Swings Event Tickets
Manager ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57399 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57398 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57396 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57395 (Missing Authorization vulnerability in Themefic Tourfic
tourfic allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57394 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57393 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57392 (Missing Authorization vulnerability in Themefic Tourfic
tourfic allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57391 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57390 (Missing Authorization vulnerability in EDGARROJAS Extra
Product Option ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57389 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57388 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57387 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57386 (Incorrect Privilege Assignment vulnerability in Kodezen LLC
aBlocks ab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57385 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57383 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57382 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57381 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57380 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57379 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57378 (Missing Authorization vulnerability in Phil Kurth Advanced
Forms advan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57377 (Missing Authorization vulnerability in WPXPO WowAddons
product-addons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57376 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57375 (Missing Authorization vulnerability in FluxBuilder MStore API
mstore-a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57372 (Server-Side Request Forgery (SSRF) vulnerability in denishua
WPJAM Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57371 (Deserialization of Untrusted Data vulnerability in denishua
WPJAM Basi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57369 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57368 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57365 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57364 (Improper Validation of Specified Quantity in Input
vulnerability in WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-57363 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-55772 (CedarJava is an open source Java implementation of the Cedar
policy la ...)
TODO: check
CVE-2026-53365 (In the Linux kernel, the following vulnerability has been
resolved: v ...)
@@ -375,9 +375,9 @@ CVE-2026-49970 (Laravel-Mediable before 7.0.0 contains a
path traversal vulnerab
CVE-2026-49969 (Laravel-Mediable before 7.0.0 contains a server-side request
forgery v ...)
TODO: check
CVE-2026-49876 (Authenticated SSRF in Gravitino JobManager allows server-side
HTTP req ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-41041 (URL path injection via unencoded user-supplied identifiers
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-40553 (Buffer overflow vulnerability has been found in
"extension/readdir.c" ...)
TODO: check
CVE-2026-40469 (Integer overflow vulnerability has been found in "builtin.c"
program f ...)
@@ -411,9 +411,9 @@ CVE-2026-15584 (A privilege escalation vulnerability was
found in the incluster-
CVE-2026-15574 (A flaw was found in the vllm-orchestrator-gateway component.
The syste ...)
TODO: check
CVE-2026-15559 (A vulnerability was detected in CodeAstro Simple Online Leave
Manageme ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2026-15558 (A security vulnerability has been detected in CodeAstro Simple
Online ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2026-15557 (A weakness has been identified in waooAI waoowaoo up to 0.4.1.
Affecte ...)
TODO: check
CVE-2026-15548 (A security vulnerability has been detected in Shibby Tomato up
to 1.28 ...)
@@ -427,13 +427,13 @@ CVE-2026-15545 (A vulnerability was identified in Shibby
Tomato up to 1.28.0000.
CVE-2026-15544 (A vulnerability was determined in Shibby Tomato up to
1.28.0000. Affec ...)
TODO: check
CVE-2026-15543 (A vulnerability was found in Tenda CH22 1.0.0.1. This impacts
the func ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-15542 (A vulnerability has been found in will-moss Isaiah up to
1.36.9. This ...)
TODO: check
CVE-2026-15541 (A flaw has been found in will-moss Isaiah up to 1.36.9. The
impacted e ...)
TODO: check
CVE-2026-15540 (A vulnerability was detected in SourceCodester Online Book
Store Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-14934 (A Missing Authorization vulnerability in the repository
creation funct ...)
TODO: check
CVE-2026-14906 (Pages with malicious titles could potentially allow saved PDF
content ...)
@@ -441,9 +441,9 @@ CVE-2026-14906 (Pages with malicious titles could
potentially allow saved PDF co
CVE-2026-14846 (In version 8.2.1 of PrestaShop, there is a vulnerability
relating to t ...)
TODO: check
CVE-2026-14453 (This vulnerability is a critical Server-Side Template
Injection (SSTI) ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2026-14165 (An Authorization Bypass Through User-Controlled Key
vulnerability affe ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2026-13221 (Perl versions through 5.43.9 produce silently incorrect
regular expres ...)
TODO: check
CVE-2026-13014 (A vulnerability inThales CERT "Suspicious" application =<
1.3.4 allows ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cfb742e20a8ade99dbdfd14ea33b80e8499f91f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7cfb742e20a8ade99dbdfd14ea33b80e8499f91f
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits