Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3f672727 by security tracker role at 2026-06-26T07:14:06+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2026-8720 (wc_Blake2bHmacFinal and wc_Blake2sHmacFinal 
discard the message w
 CVE-2026-8661 (Server-Side Cross-Site Scripting and Server-Side Request 
Forgery vulne ...)
        TODO: check
 CVE-2026-8380 (The Frontend File Manager Plugin WordPress plugin through 23.6 
does no ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-7532 (iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is 
not defi ...)
        TODO: check
 CVE-2026-7531 (Use-after-free in PQC hybrid key-share handling. This is an 
incomplete ...)
@@ -121,7 +121,7 @@ CVE-2026-13282 (Use after free in Payments in Google Chrome 
on Android prior to
 CVE-2026-13281 (Integer overflow in Mojo in Google Chrome prior to 
149.0.7827.201 allo ...)
        TODO: check
 CVE-2026-13226 (The Groundhogg \u2014 CRM, Newsletters, and Marketing 
Automation plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-13218 (A flaw was found in KubeVirt's virt-handler network cache 
handling. Th ...)
        TODO: check
 CVE-2026-13083 (A flaw was found in the Pen Drive report generator. 
Cluster-sourced da ...)
@@ -143,9 +143,9 @@ CVE-2026-11703 (Missing SNI/ALPN binding on stateful 
(session-ID) resumption, wh
 CVE-2026-11310 (X.509 trust-chain bypass in the OpenSSL compatibility 
certificate veri ...)
        TODO: check
 CVE-2026-10835 (The SALESmanago & Leadoo WordPress plugin before 3.11.3 does 
not prope ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-10823 (The YMC Filter WordPress plugin before 3.11.3 does not 
properly author ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2026-10592 (Certificates with wildcard DNS SANs (e.g. *.example.com) 
bypassed CA n ...)
        TODO: check
 CVE-2026-10512 (The X25519 x86_64 assembly implementation fails to clear the 
most sign ...)
@@ -177,11 +177,11 @@ CVE-2025-60465 (A use-after-free in the 
gf_filter_pid_inst_swap function (/filte
 CVE-2025-60464 (A use-after-free in the gf_sei_load_from_state_internal 
function (/fil ...)
        TODO: check
 CVE-2025-10268 (The Printcart Web to Print Product Designer for WooCommerce 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-47987 (Parse Server before 4.10.0 was affected by a supply chain 
incident in  ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2021-47986 (Parse Server before 4.10.0 contains a supply chain 
vulnerability where ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2020-37256 (Grav before 1.6.30 contains a cross-site scripting 
vulnerability in th ...)
        TODO: check
 CVE-2026-48750



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f672727cc669b30348a7125e35155aaa3700c1f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f672727cc669b30348a7125e35155aaa3700c1f
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to