Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d60b1be6 by Salvatore Bonaccorso at 2026-07-02T21:58:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32,7 +32,7 @@ CVE-2026-9145 (The Database for Contact Form 7, WPforms, 
Elementor forms plugin
 CVE-2026-8699 (A stored Cross-Site Scripting (XSS) vulnerability has been 
identified  ...)
        NOT-FOR-US: TPLink
 CVE-2026-8482 (A vulnerability was discovered on StormShield Network Security 
4.3.0 t ...)
-       TODO: check
+       NOT-FOR-US: StormShield
 CVE-2026-8441 (The WP Review Slider Pro plugin for WordPress is vulnerable to 
SQL Inj ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-8147 (In MLflow versions prior to 3.14.0, when running with 
authentication e ...)
@@ -44,13 +44,13 @@ CVE-2026-7311 (The TinyPNG \u2013 JPEG, PNG & WebP image 
compression plugin for
 CVE-2026-5524 (The Divi Form Builder plugin for WordPress is vulnerable to 
Arbitrary  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-58653 (PraisonAI before 0.1.7 fails to validate that project_id in 
issue crea ...)
-       TODO: check
+       NOT-FOR-US: PraisonAI
 CVE-2026-58652 (luci-app-travelmate (and the travelmate package) contain a 
privilege-e ...)
-       TODO: check
+       NOT-FOR-US: luci-app-travelmate
 CVE-2026-58465 (Eclipse Wakaama before snapshot/2026-05-26 contains an 
unbounded memor ...)
        TODO: check
 CVE-2026-58455 (Dockwatch through 0.6.567 contains an unauthenticated OS 
command injec ...)
-       TODO: check
+       NOT-FOR-US: Dockwatch
 CVE-2026-57766 (Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE 
\u2013 File ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-57765 (Contributor SQL Injection in WP EasyCart <= 5.9.0 versions.)
@@ -192,9 +192,9 @@ CVE-2026-57343 (Unauthenticated Cross Site Scripting (XSS) 
in Real Estate 7 <= 3
 CVE-2026-57342 (Subscriber Cross Site Scripting (XSS) in ShortPixel Adaptive 
Images <= ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-56842 (A malicious actor with access to the network and under certain 
conditi ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-56841 (A malicious actor with access to the network and low 
privileges could  ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-56037 (Deserialization of Untrusted Data vulnerability in Themify 
Themify Pop ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-56004 (A shellcode injection in the mercurial handler of the obs 
tar_scm sour ...)
@@ -204,25 +204,25 @@ CVE-2026-55952 (The Erlang/OTP ssl application does not 
validate that the PSK id
 CVE-2026-55950 (Time-of-check Time-of-use (TOCTOU) race condition 
vulnerability in Erl ...)
        TODO: check
 CVE-2026-55119 (A malicious actor with access to the network and low 
privileges could  ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55118 (A malicious actor with access to the network,low privileges 
and under  ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55117 (A malicious actor with access to the network could exploit a 
Path Trav ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55116 (A malicious actor with access to the network and under certain 
network ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55115 (A malicious actor with access to the network and low 
privileges could  ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55114 (A malicious actor with access to the network and low 
privileges could  ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55113 (A malicious actor with access to the network could exploit a 
Server-Si ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55112 (A malicious actor with access to the network and low 
privileges and un ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55111 (A malicious actor with access to the network could exploit a 
Path Trav ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-55110 (A malicious actor who lures an authenticated user to a 
malicious page  ...)
-       TODO: check
+       NOT-FOR-US: UniFi
 CVE-2026-54891 (Improper Enforcement of Message Integrity During Transmission 
in a Com ...)
        TODO: check
 CVE-2026-54887 (Use of Default Cryptographic Key vulnerability in Erlang/OTP 
ssl (DTLS ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d60b1be6ced5a0a12aa78b473c92b68069118495

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d60b1be6ced5a0a12aa78b473c92b68069118495
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to