Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d70e4190 by security tracker role at 2026-06-29T19:14:24+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2026-9267 (Eclipse tinydtls before 
commitb3efd41ad111a4920f599f51ffa4f5e9f1e72221 ...)
        TODO: check
 CVE-2026-9105 (An authenticated stack-based buffer overflow vulnerability 
exists in t ...)
-       TODO: check
+       NOT-FOR-US: TPLink
 CVE-2026-58000 (luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, 
contains a ...)
        TODO: check
 CVE-2026-57999 (luci-app-tailscale-community contains a command injection 
vulnerabilit ...)
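Review bot: The note added for CVE-2026-9105 spells the vendor "TPLink", while the D-Link entry added later in this commit keeps its hyphen. The vendor's name is TP-Link, so "NOT-FOR-US: TP-Link" would keep the two consistent and lets the entry turn up when someone searches the list for the usual spelling. The description shown here is cut off before any product name, so the vendor attribution itself cannot be confirmed from this hunk.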
@@ -47,47 +47,47 @@ CVE-2026-57943 (LibrePhotos before 1.0.0 contains a broken 
object level authoriz
 CVE-2026-57942 (LibreTranslate through 1.9.7, fixed in commit 397fd22, 
contains an IP  ...)
        TODO: check
 CVE-2026-57676 (Authorization Bypass Through User-Controlled Key vulnerability 
in Matt ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57525
        REJECTED
 CVE-2026-57523
        REJECTED
 CVE-2026-57346 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57341 (Unauthenticated Insecure Direct Object References (IDOR) in 
Colissimo  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57340 (Unauthenticated Broken Access Control in Japanized For 
WooCommerce <=  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57339 (Unauthenticated Broken Access Control in Business Directory <= 
6.4.23  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57338 (Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 
version ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57337 (Unauthenticated Cross Site Scripting (XSS) in Landing Page 
Builder <=  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57336 (Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 
versions ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57335 (Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 
versions.)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57334 (Unauthenticated Broken Access Control in WP User Frontend <= 
4.3.7 ver ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57333 (Unauthenticated Cross Site Scripting (XSS) in Link Whisper 
Free <= 0.9 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57332 (Subscriber Broken Access Control in Wallet System for 
WooCommerce <= 2 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57331 (Performer Arbitrary File Deletion in Paid Videochat Turnkey 
Site <= 7. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57330 (Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 
3.7.27 ver ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57329 (Subscriber Cross Site Scripting (XSS) in WooCommerce Designer 
Pro <= 1 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57328 (Subscriber Cross Site Scripting (XSS) in Business Directory <= 
6.4.22  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57327 (Subscriber Broken Access Control in MainWP <= 6.1.1 versions.)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57326 (Unauthenticated Cross Site Scripting (XSS) in Business 
Directory <= 6. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57320 (Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 
versions.)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2026-56783 (Parseable before 2.9.2 contains an information disclosure 
vulnerabilit ...)
        TODO: check
 CVE-2026-56782 (Gorse before 0.5.10 contains an authentication bypass 
vulnerability in ...)
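Review bot: For CVE-2026-57676 and CVE-2026-57346 the visible descriptions ("... vulnerability in Matt ..." and "... ('Path Tra ...") are cut off before any product is named, so the "NOT-FOR-US: WordPress plugin or theme" note on those two cannot be checked from this diff the way the others can, where a product such as ARForms, WP User Frontend or MainWP is visible. Since this is an automatic update and the note replaces "TODO: check", a wrong match would not get a second look; a spot check of the full descriptions for those two entries is worthwhile.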
@@ -97,9 +97,9 @@ CVE-2026-56781 (Teable before 2026-06-15T04-43-24Z.1912 
contains an improper acc
 CVE-2026-56780 (Modoboa before 2.9.0 contains an insecure direct object 
reference vuln ...)
        TODO: check
 CVE-2026-56457 (HCL DevOps Deploy / HCL Launch is susceptible to an exposure 
of sensit ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2026-56290 (The Joomla extension Page Builder CK is vulnerable to an 
unauthenticat ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2026-56285 (Nitter's /video media proxy endpoint fails to validate target 
URLs aga ...)
        TODO: check
 CVE-2026-56124 (phpUploader before 2.0.2 contains an unauthenticated 
information discl ...)
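Review bot: CVE-2026-56290 is described as a Joomla extension (Page Builder CK), yet the note reads "NOT-FOR-US: Joomla", which names the CMS rather than the affected component; the WordPress entries in this commit use "WordPress plugin or theme" for the same situation. A note such as "NOT-FOR-US: Joomla extension" would say what was actually ruled out. The same applies to the Helix3 plugin entry, CVE-2026-49049, in the hunk that follows.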
@@ -113,7 +113,7 @@ CVE-2026-53428 (Memory Allocation with Excessive Size Value 
vulnerability in lea
 CVE-2026-53427 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2026-49049 (The Helix3 plugin for Joomla exposes an ajax handler task, 
that allows ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2026-46406 (Claude Code is an agentic coding tool.  From 2.1.59 until 
2.1.128, the ...)
        TODO: check
 CVE-2026-41992 (GNU gzip contains a global buffer overflow vulnerability in 
the LZH de ...)
@@ -153,7 +153,7 @@ CVE-2026-13746 (Improper neutralization of local CLI 
parameters in Snowflake CLI
 CVE-2026-13744 (Improper neutralization of attacker-controlled content in 
Snowflake CL ...)
        TODO: check
 CVE-2026-13742 (Honeywell IQ MultiAccess, all versions prior to and including 
version  ...)
-       TODO: check
+       NOT-FOR-US: Honeywell
 CVE-2026-13676 (fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to 
canonicalize U ...)
        TODO: check
 CVE-2026-13601 (A flaw was found in Yelp due to an overly permissive Content 
Security  ...)
@@ -173,79 +173,79 @@ CVE-2026-13588 (A vulnerability was determined in seladb 
PcapPlusPlus 25.05. The
 CVE-2026-13587 (A vulnerability was found in seladb PcapPlusPlus 25.05. The 
affected e ...)
        TODO: check
 CVE-2026-13583 (A vulnerability has been found in Edimax EW-7478APC 1.04. 
Impacted is  ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13582 (A flaw has been found in Edimax EW-7478APC 1.04. This issue 
affects th ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13581 (A vulnerability was detected in Edimax EW-7478APC 1.04. This 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13580 (A security vulnerability has been detected in Edimax 
EW-7478APC 1.04.  ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13579 (A weakness has been identified in itsourcecode Hospital 
Management Sys ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13578 (A security flaw has been discovered in itsourcecode Hospital 
Managemen ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13574 (A vulnerability was determined in llvm llvm-project up to 
22.1.6. This ...)
        TODO: check
 CVE-2026-13573 (A vulnerability was found in llvm llvm-project up to 22.1.6. 
This affe ...)
        TODO: check
 CVE-2026-13572 (A vulnerability has been found in itsourcecode Hospital 
Management Sys ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13571 (A flaw has been found in SourceCodester Simple Food Ordering 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-13570 (A vulnerability was detected in SourceCodester Inventory 
Management Sy ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-13569 (A security vulnerability has been detected in weng-xianhu 
EyouCMS up t ...)
        TODO: check
 CVE-2026-13568 (A weakness has been identified in SourceCodester Inventory 
Management  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-13567 (A security flaw has been discovered in code-projects Online 
Music Site ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2026-13566 (A vulnerability was identified in SourceCodester Class and 
Exam Timeta ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-13565 (A vulnerability was determined in SourceCodester Class and 
Exam Timeta ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2026-13564 (A vulnerability was found in Edimax EW-7478APC 1.04. Affected 
is the f ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13563 (A vulnerability has been found in Edimax EW-7478APC 1.04. This 
impacts ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13562 (A flaw has been found in Edimax EW-7478APC 1.04. This affects 
the func ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13561 (A vulnerability was detected in Edimax EW-7478APC 1.04. The 
impacted e ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13560 (A security vulnerability has been detected in Edimax 
EW-7478APC 1.04.  ...)
-       TODO: check
+       NOT-FOR-US: Edimax
 CVE-2026-13559 (A weakness has been identified in code-projects Real State 
Services 1. ...)
        TODO: check
 CVE-2026-13558 (A security flaw has been discovered in CodeAstro Complaint 
Management  ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2026-13557 (A vulnerability was identified in itsourcecode Online Hotel 
Management ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13556 (A vulnerability was determined in itsourcecode Online Hotel 
Management ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13555 (A vulnerability was found in itsourcecode Online Hotel 
Management Syst ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13554 (A vulnerability has been found in itsourcecode Online Hotel 
Management ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13553 (A flaw has been found in itsourcecode Online Hotel Management 
System 1 ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13552 (A vulnerability was detected in itsourcecode Online Hotel 
Management S ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13551 (A security vulnerability has been detected in itsourcecode 
Baptism Inf ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13550 (A weakness has been identified in itsourcecode Baptism 
Information Man ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13549 (A security flaw has been discovered in CodeAstro Complaint 
Management  ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2026-13548 (A vulnerability was identified in itsourcecode Hospital 
Management Sys ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2026-13547 (A vulnerability was determined in Hanwang e-Face General 
Management Pl ...)
        TODO: check
 CVE-2026-13546 (A vulnerability was found in Feehi CMS up to 2.1.1. This 
vulnerability ...)
        TODO: check
 CVE-2026-13545 (A vulnerability has been found in D-Link DCS-935L 1.10.01. 
This affect ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2026-13437 (Insertion of sensitive information into sent data in the AI 
Agent job  ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2026-13165 (SzafirHost verifies the downloaded native library archive with 
one Jar ...)
        TODO: check
 CVE-2026-12912 (A flaw was found in libtiff. A remote attacker could exploit 
this vuln ...)
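Review bot: CVE-2026-13559 (code-projects Real State Services) is left at "TODO: check", although CVE-2026-13567 in this same hunk, also a code-projects application, is marked "NOT-FOR-US: code-projects". If the vendor name is what drives the automatic marking, this entry looks like a miss and should get the same note. Separately, "NOT-FOR-US: itsourcecode System" is an odd label next to the plain vendor names used for SourceCodester, CodeAstro and Edimax; "itsourcecode" alone would match that style.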



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d70e41905f2df091199591ce23c35dacfcf0c2ad
