[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 1 08:15:03 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0d556f94 by security tracker role at 2026-04-01T07:14:54+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2026-5258 (A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the fu ...)
TODO: check
CVE-2026-5257 (A vulnerability has been found in code-projects Simple Laundry System ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5256 (A flaw has been found in code-projects Simple Laundry System 1.0. This ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5255 (A vulnerability was detected in code-projects Simple Laundry System 1. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5254 (A security vulnerability has been detected in welovemedia FFmate up to ...)
TODO: check
CVE-2026-5253 (A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by ...)
@@ -19,53 +19,53 @@ CVE-2026-5249 (A vulnerability was found in gougucms 4.08.18. This impacts an un
CVE-2026-5248 (A vulnerability has been found in gougucms 4.08.18. This affects the f ...)
TODO: check
CVE-2026-5240 (A security vulnerability has been detected in code-projects BloodBank ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5238 (A weakness has been identified in itsourcecode Payroll Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-5237 (A security flaw has been discovered in itsourcecode Payroll Management ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-5236 (A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Af ...)
TODO: check
CVE-2026-5235 (A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. Th ...)
TODO: check
CVE-2026-5215 (A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-5214 (A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-3 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-5213 (A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-5212 (A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-5211 (A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-5210 (A vulnerability was detected in SourceCodester Leave Application Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-5209 (A security vulnerability has been detected in SourceCodester Leave App ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-5206 (A security vulnerability has been detected in code-projects Simple Gym ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5205 (A vulnerability was identified in chatwoot up to 4.11.2. Affected by t ...)
TODO: check
CVE-2026-5204 (A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-5203 (A vulnerability was found in CMS Made Simple up to 2.2.22. This impact ...)
TODO: check
CVE-2026-5201 (A flaw was found in the gdk-pixbuf library. This heap-based buffer ove ...)
TODO: check
CVE-2026-5198 (A vulnerability was determined in code-projects Student Membership Sys ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5197 (A vulnerability was found in code-projects Student Membership System 1 ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5196 (A vulnerability has been found in code-projects Student Membership Sys ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5195 (A flaw has been found in code-projects Student Membership System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5190 (Out-of-bounds write in the streaming decoder component in aws-c-event- ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-5186 (A weakness has been identified in Nothings stb up to 2.30. This impact ...)
TODO: check
CVE-2026-4947 (Addressed a potential insecure direct object reference (IDOR) vulnerab ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-4819 (In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging ...)
TODO: check
CVE-2026-4818 (In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an i ...)
@@ -77,47 +77,47 @@ CVE-2026-4799 (In Search Guard FLX up to version 4.0.1, it is possible to use sp
CVE-2026-4748 (A regression in the way hashes were calculated caused rules containing ...)
TODO: check
CVE-2026-4668 (The Booking for Appointments and Events Calendar - Amelia plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4400 (Insecure Direct Object Reference (IDOR) vulnerability in 1millionbot M ...)
TODO: check
CVE-2026-4399 (Prompt injection vulnerability in 1millionbot Millie chatbot that occu ...)
TODO: check
CVE-2026-4374 (Improper Restriction of XML External Entity Reference vulnerability in ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-4317 (SQL inyection (SQLi) vulnerability in Umami Software web application t ...)
TODO: check
CVE-2026-4267 (The Query Monitor \u2013 The developer tools panel for WordPress plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3831 (The Database for Contact Form 7, WPforms, Elementor forms plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3780 (The application's installer runs with elevated privileges but resolves ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-3779 (The application's list box calculate array logic keeps stale reference ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-3778 (The application does not detect or guard against cyclic PDF object ref ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-3777 (The application does not properly validate the lifetime and validity o ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-3776 (The application does not validate the presence of required appearance ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-3775 (The application's update service, when checking for updates, loads cer ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-3774 (The application allows PDF JavaScript and document/print actions (such ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-3470 (A vulnerability exists in the SonicWall Email Security appliance due t ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2026-3469 (A denial-of-service (DoS) vulnerability exists due to improper input v ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2026-3468 (A stored Cross-Site Scripting (XSS) vulnerability has been identified ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2026-3356 (The MS27102A Remote Spectrum Monitor is vulnerable to an authenticatio ...)
TODO: check
CVE-2026-3308 (An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF ...)
TODO: check
CVE-2026-3191 (The Minify HTML plugin for WordPress is vulnerable to Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3139 (The User Profile Builder \u2013 Beautiful User Registration Forms, Use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3107 (Stored Cross-Site Scripting (XSS) in Teampass versions prior to 3.1.5. ...)
TODO: check
CVE-2026-3106 (Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5. ...)
@@ -131,9 +131,9 @@ CVE-2026-35055 (XenForo before 2.3.9 and before 2.2.18 is vulnerable to cross-si
CVE-2026-35054 (XenForo before 2.3.9 is vulnerable to stored cross-site scripting (XSS ...)
TODO: check
CVE-2026-34887 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-34784 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34740 (WWBN AVideo is an open source video platform. In versions 26.0 and pri ...)
TODO: check
CVE-2026-34739 (WWBN AVideo is an open source video platform. In versions 26.0 and pri ...)
@@ -157,15 +157,15 @@ CVE-2026-34611 (WWBN AVideo is an open source video platform. In versions 26.0 a
CVE-2026-34605 (SiYuan is a personal knowledge management system. From version 3.6.0 t ...)
TODO: check
CVE-2026-34595 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34586 (PdfDing is a selfhosted PDF manager, viewer and editor offering a seam ...)
TODO: check
CVE-2026-34585 (SiYuan is a personal knowledge management system. Prior to version 3.6 ...)
TODO: check
CVE-2026-34574 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34573 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34556 (iccDEV provides a set of libraries and tools for working with ICC colo ...)
TODO: check
CVE-2026-34555 (iccDEV provides a set of libraries and tools for working with ICC colo ...)
@@ -207,19 +207,19 @@ CVE-2026-34534 (iccDEV provides a set of libraries and tools for working with IC
CVE-2026-34533 (iccDEV provides a set of libraries and tools for working with ICC colo ...)
TODO: check
CVE-2026-34532 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34509 (OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerabil ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-34508 (OpenClaw before 2026.3.12 applies rate limiting only after webhook aut ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-34506 (OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerabil ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-34505 (OpenClaw before 2026.3.12 applies rate limiting only after successful ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-34504 (OpenClaw before 2026.3.28 contains a server-side request forgery vulne ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-34503 (OpenClaw before 2026.3.28 fails to disconnect active WebSocket session ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-34453 (SiYuan is a personal knowledge management system. Prior to version 3.6 ...)
TODO: check
CVE-2026-34452 (The Claude SDK for Python provides access to the Claude API from Pytho ...)
@@ -265,7 +265,7 @@ CVE-2026-34381 (Admidio is an open-source user management solution. From version
CVE-2026-34377 (ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad versio ...)
TODO: check
CVE-2026-34373 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34372 (Sulu is an open-source PHP content management system based on the Symf ...)
TODO: check
CVE-2026-34367 (InvoiceShelf is an open-source web & mobile app that helps track expen ...)
@@ -275,7 +275,7 @@ CVE-2026-34366 (InvoiceShelf is an open-source web & mobile app that helps track
CVE-2026-34365 (InvoiceShelf is an open-source web & mobile app that helps track expen ...)
TODO: check
CVE-2026-34363 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34361 (HAPI FHIR is a complete implementation of the HL7 FHIR standard for he ...)
TODO: check
CVE-2026-34360 (HAPI FHIR is a complete implementation of the HL7 FHIR standard for he ...)
@@ -295,7 +295,7 @@ CVE-2026-34231 (Slippers is a UI component framework for Django. Prior to versio
CVE-2026-34227 (Sliver is a command and control framework that uses a custom Wireguard ...)
TODO: check
CVE-2026-34224 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34221 (MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of ...)
TODO: check
CVE-2026-34220 (MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of ...)
@@ -305,7 +305,7 @@ CVE-2026-34219 (libp2p-rust is the official rust language Implementation of the
CVE-2026-34218 (ClearanceKit intercepts file-system access events on macOS and enforce ...)
TODO: check
CVE-2026-34215 (Parse Server is an open source backend that can be deployed to any inf ...)
- TODO: check
+ NOT-FOR-US: Parse Server
CVE-2026-34214 (Trino is a distributed SQL query engine for big data analytics. From v ...)
TODO: check
CVE-2026-34210 (mppx is a TypeScript interface for machine payments protocol. Prior to ...)
@@ -337,77 +337,77 @@ CVE-2026-34155 (RAUC controls the update process on embedded Linux systems. Prio
CVE-2026-33762 (go-git is an extensible git implementation library written in pure Go. ...)
TODO: check
CVE-2026-33581 (OpenClaw before 2026.3.24 contains a sandbox bypass vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-33580 (OpenClaw before 2026.3.28 contains a missing rate limiting vulnerabili ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-33579 (OpenClaw before 2026.3.28 contains a privilege escalation vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-33578 (OpenClaw before 2026.3.28 contains a sender policy bypass vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-33577 (OpenClaw before 2026.3.28 contains an insufficient scope validation vu ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-33576 (OpenClaw before 2026.3.28 downloads and stores inbound media from Zalo ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-33415 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-33300 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-33276 (Stored cross-site scripting (XSS) in Checkmk 2.5.0 (beta) before 2.5.0 ...)
TODO: check
CVE-2026-33185 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-33074 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-33073 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32988 (OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerabi ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32982 (OpenClaw before 2026.3.13 contains an information disclosure vulnerabi ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32977 (OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerabi ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32976 (OpenClaw before 2026.3.11 contains an authorization bypass vulnerabili ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32971 (OpenClaw before 2026.3.11 contains an approval-integrity vulnerability ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32970 (OpenClaw before 2026.3.11 contains a credential fallback vulnerability ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32951 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32921 (OpenClaw before 2026.3.8 contains an approval bypass vulnerability in ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32920 (OpenClaw before 2026.3.12 automatically discovers and loads plugins fr ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32917 (OpenClaw before 2026.3.13 contains a remote command injection vulnerab ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32916 (OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization b ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32726 (SciTokens C++ is a minimal library for creating and using SciTokens fr ...)
TODO: check
CVE-2026-32725 (SciTokens C++ is a minimal library for creating and using SciTokens fr ...)
TODO: check
CVE-2026-32620 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32619 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32618 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32615 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32607 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32273 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32243 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32143 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-32113 (Discourse is an open-source discussion platform. From versions 2026.1. ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2026-30521 (A Business Logic vulnerability exists in SourceCodester Loan Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-30520 (A Blind SQL Injection vulnerability exists in SourceCodester Loan Mana ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-30314 (Ridvay Code's command auto-approval module contains a critical OS comm ...)
TODO: check
CVE-2026-30312 (DSAI-Cline's command auto-approval module contains a critical OS comma ...)
@@ -445,13 +445,13 @@ CVE-2026-30276 (An arbitrary file overwrite vulnerability in DeftPDF Document Tr
CVE-2026-2950 (Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototy ...)
TODO: check
CVE-2026-2696 (The Export All URLs WordPress plugin before 5.1 generates CSV filename ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2480 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2394 (Buffer Over-read vulnerability in RTI Connext Professional (Core Libra ...)
- TODO: check
+ NOT-FOR-US: RTI Connext
CVE-2026-2123 (A security audit identified a privilege escalation vulnerability in Op ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2026-29870 (A directory traversal vulnerability in the agentic-context-engine proj ...)
TODO: check
CVE-2026-24165 (NVIDIA BioNeMo contains a vulnerability where a user could cause a des ...)
@@ -465,7 +465,7 @@ CVE-2026-24153 (NVIDIA Jetson Linux has a vulnerability in initrd, where the nvl
CVE-2026-24148 (NVIDIA Jetson for JetPack contains a vulnerability in the system initi ...)
TODO: check
CVE-2026-22569 (An incorrect startup configuration of affected versions of Zscaler Cli ...)
- TODO: check
+ NOT-FOR-US: Zscaler
CVE-2026-22561 (Uncontrolled search path elements in Anthropic Claude for Windows inst ...)
TODO: check
CVE-2026-20915 (Stored cross-site scripting (XSS) in Checkmk version 2.5.0 (beta) befo ...)
@@ -473,7 +473,7 @@ CVE-2026-20915 (Stored cross-site scripting (XSS) in Checkmk version 2.5.0 (beta
CVE-2026-1579 (The MAVLink communication protocol does not require cryptographic aut ...)
TODO: check
CVE-2026-0596 (A command injection vulnerability exists in mlflow/mlflow when serving ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2025-71282 (XenForo before 2.3.7 discloses filesystem paths through exception mess ...)
TODO: check
CVE-2025-71281 (XenForo before 2.3.7 does not properly restrict methods callable from ...)
@@ -493,17 +493,17 @@ CVE-2025-41356 (Reflected Cross-Site Scripting (XSS) vulnerability in Anon Proxy
CVE-2025-41355 (Reflected Cross-Site Scripting (XSS) vulnerability in Anon Proxy Serve ...)
TODO: check
CVE-2025-15484 (The Order Notification for WooCommerce WordPress plugin before 3.6.3 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14213 (Cato Networks\u2019 Socket versions prior to 25 contain a command inje ...)
- TODO: check
+ NOT-FOR-US: Cato
CVE-2025-13855 (IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vu ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-10559 (A Path Traversal vulnerability affecting Factory Resource Management i ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2025-10553 (A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Re ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2025-10551 (A Stored Cross-site Scripting (XSS) vulnerability affecting Document M ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2024-58342 (XenForo before 2.2.17 and 2.3.1 allows open redirect via a specially c ...)
TODO: check
CVE-2026-34956
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d556f94564c09f8ff470fb0adde0e0bf07890d2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d556f94564c09f8ff470fb0adde0e0bf07890d2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260401/3b2b4c47/attachment.htm>
More information about the debian-security-tracker-commits
mailing list