Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b042754a by security tracker role at 2026-06-30T07:14:26+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2026-9576 (The Fluent Booking WordPress plugin before 2.1.2 does not
verify owne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8944 (The Plugin for Google Analytics by IO technologies plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8023 (Zephyr's HTTP server (subsys/net/lib/http) provides a
static-filesyste ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-7656 (The IPv6 Neighbor Discovery handlers in
subsys/net/ip/ipv6_nbr.c (hand ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-57997 (Strapi users-permissions plugin fails to restrict JWT
algorithms when ...)
TODO: check
CVE-2026-57919 (PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before
26.2 cr ...)
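Review bot: The annotation on CVE-2026-8023 and CVE-2026-7656, "Zephyr, different from src:zephyr", says what the entry is not but never says which Zephyr it is. Both descriptions reference a subsys/net/ source tree (subsys/net/lib/http, subsys/net/ip/ipv6_nbr.c), so naming the project in the tag, for example "Zephyr RTOS, different from src:zephyr", would let a later triager confirm the exclusion from the list file alone. The same wording should then be used wherever this annotation recurs, so that a grep for it stays reliable.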
@@ -35,79 +35,79 @@ CVE-2026-51219 (A heap buffer overflow in the
HighPriorityASDUQueue_hasUnconfirm
CVE-2026-51218 (A heap buffer overflow in the
TS7Worker::PerformFunctionWrite() functi ...)
TODO: check
CVE-2026-43746 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43745 (An out-of-bounds write issue was addressed with improved input
validat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43743 (A race condition was addressed with improved state handling.
This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43742 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43740 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43735 (The issue was addressed with improved checks. This issue is
fixed in S ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43734 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43732 (A path handling issue was addressed with improved validation.
This iss ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43731 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43727 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43726 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43725 (The issue was addressed with improved input validation. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43724 (The issue was addressed with improved input sanitization. This
issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43722 (The issue was addressed with improved input sanitization. This
issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43721 (This issue was addressed through improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43720 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43718 (A stack overflow was addressed with improved input validation.
This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43717 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43716 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43715 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43713 (A permissions issue was addressed with additional
restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43712 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43709 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43708 (The issue was addressed with improved input validation. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43707 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43706 (A double free issue was addressed with improved memory
management. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43705 (A type confusion issue was addressed with improved checks.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43704 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43703 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43701 (The issue was addressed with improved checks. This issue is
fixed in S ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43700 (A cross-origin issue was addressed with improved tracking of
security ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43699 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43676 (An out-of-bounds access issue was addressed with improved
bounds check ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-43663 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-41896 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
TODO: check
CVE-2026-39872 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-39868 (This issue was addressed with improved input validation. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-37637 (An issue in Alexantr filemanager v.1.0 allows a remote
attacker to exe ...)
TODO: check
CVE-2026-34597 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
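Review bot: The blanket "NOT-FOR-US: Apple" in this hunk is applied to entries whose truncated descriptions do not show the affected component, and some of them read like browser-engine issues: CVE-2026-43735 and CVE-2026-43701 are cut off at "fixed in S ...", and CVE-2026-43700 is "A cross-origin issue was addressed with improved tracking of security ...". Before this batch is accepted, the full descriptions of the use-after-free, type confusion and cross-origin entries should be checked for WebKit; any that are WebKit belong against webkit2gtk and wpewebkit rather than under a vendor exclusion. Since the commit message says the update is automatic, a vendor match alone is not enough evidence for these.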
@@ -119,45 +119,45 @@ CVE-2026-34592 (Coolify is an open-source and
self-hostable tool for managing se
CVE-2026-31016 (Cross Site Request Forgery vulnerability in Squidex.io Squidex
CMS v.7 ...)
TODO: check
CVE-2026-28979 (An out-of-bounds access issue was addressed with improved
bounds check ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-14164 (A double free issue has been identified in libarchive's RAR5
reader. D ...)
TODO: check
CVE-2026-14160 (Time-of-check time-of-use (TOCTOU) race condition
vulnerability in Sam ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2026-13763 (Inconsistent interpretation of HTTP/2 requests in AWS
Application Load ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-13762 (Inconsistent interpretation of HTTP/2 requests in Amazon
CloudFront wi ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-13008
REJECTED
CVE-2026-12819 (Delta Electronics DVP12SE PLC exposes a Modbus TCP service
over a spec ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2026-12818 (Delta Electronics DVP12SE PLCs are susceptible to a resource
allocatio ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2026-12560 (The Editorial Rating \u2013 Product Review & Rating System
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12349 (The Premium Addons for KingComposer plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12243 (NLTK version 3.9.4 is vulnerable to a path traversal attack
due to an ...)
TODO: check
CVE-2026-12240 (The Export User Data plugin for WordPress is vulnerable to
arbitrary f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12114 (The Team Members \u2013 Multi Language Supported Team Plugin
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12073 (The ProfileGrid \u2013 User Profiles, Groups and Communities
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11590 (The WP Support Plus Responsive Ticket System WordPress plugin
through ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11589 (The WP Support Plus Responsive Ticket System WordPress plugin
through ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11581 (The Kali Forms \u2014 Contact Form & Drag-and-Drop Builder
WordPress p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11367 (The PixMagix \u2013 WordPress Image Editor plugin for
WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-10648 (mcumgr_serial_process_frag() in
subsys/mgmt/mcumgr/transport/src/seria ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-10647 (The USB CDC-NCM device class
(subsys/usb/device_next/class/usbd_cdc_nc ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-55956 (Improper Authorization vulnerability in Apache Tomcat leads to
securit ...)
- tomcat11 <unfixed>
- tomcat10 <unfixed>
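Review bot: CVE-2026-13763 and CVE-2026-13762 are tagged "NOT-FOR-US: Amazon" from the leading words of descriptions that are cut off mid-sentence ("AWS Application Load ...", "Amazon CloudFront wi ..."). An "inconsistent interpretation of HTTP/2 requests" issue involves two parties that parse the request, so the full text should be read to confirm that no packaged server or proxy is named as the other side before the TODO is dropped. Separately, the vendor-only tags in this hunk (Samsung, Amazon, Delta Electronics) are coarser than the "WordPress plugin" tags beside them; adding the product where the description gives one, such as the DVP12SE PLC for CVE-2026-12819 and CVE-2026-12818, would make the exclusions easier to audit.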
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b042754a09c85f3dee6601395e0c5381a399b3ad