[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 22 22:14:45 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e943d888 by Salvatore Bonaccorso at 2026-04-22T23:13:55+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,13 +7,13 @@ CVE-2026-6861 (A flaw was found in GNU Emacs. This vulnerability, a memory corru
NOTE: https://debbugs.gnu.org/80851
NOTE: Fixed by: https://cgit.git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-30&id=8f535370b9efbc91673b20c6987a5cae4f6dc562
CVE-2026-6859 (A flaw was found in InstructLab. The `linux_train.py` script hardcodes ...)
- TODO: check
+ NOT-FOR-US: InstructLab
CVE-2026-6857 (A flaw was found in camel-infinispan. This vulnerability involves unsa ...)
- TODO: check
+ NOT-FOR-US: camel-infinispan
CVE-2026-6855 (A flaw was found in InstructLab. A local attacker could exploit a path ...)
- TODO: check
+ NOT-FOR-US: InstructLab
CVE-2026-6848 (A flaw was found in Red Hat Quay. When Red Hat Quay requests password ...)
- TODO: check
+ NOT-FOR-US: Red Hat Quay
CVE-2026-6846 (A flaw was found in binutils. A heap-buffer-overflow vulnerability exi ...)
- binutils <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2460006
@@ -43,9 +43,9 @@ CVE-2026-6515 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
CVE-2026-6396 (The Fast & Fancy Filter \u2013 3F plugin for WordPress is vulnerable t ...)
NOT-FOR-US: WordPress plugin
CVE-2026-6356 (A vulnerability in the web application allows standard users to escala ...)
- TODO: check
+ NOT-FOR-US: Augmentt
CVE-2026-6355 (A vulnerability in the web application allows unauthorized users to ac ...)
- TODO: check
+ NOT-FOR-US: Augmentt
CVE-2026-6294 (The Google PageRank Display plugin for WordPress is vulnerable to Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2026-6246 (The Simple Random Posts Shortcode plugin for WordPress is vulnerable t ...)
@@ -67,9 +67,9 @@ CVE-2026-5816 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
CVE-2026-5767 (The SlideShowPro SC plugin for WordPress is vulnerable to Stored Cross ...)
NOT-FOR-US: WordPress plugin
CVE-2026-5750 (An insecure direct object reference (IDOR) vulnerability in the Fullst ...)
- TODO: check
+ NOT-FOR-US: Fullstep
CVE-2026-5749 (Inadequate access control in the registration process in Fullstep V5, ...)
- TODO: check
+ NOT-FOR-US: Fullstep
CVE-2026-5748 (The Text Snippets plugin for WordPress is vulnerable to Stored Cross-S ...)
NOT-FOR-US: WordPress plugin
CVE-2026-5377 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
@@ -127,11 +127,11 @@ CVE-2026-4076 (The Slider Bootstrap Carousel plugin for WordPress is vulnerable
CVE-2026-4074 (The Quran Live Multilanguage plugin for WordPress is vulnerable to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2026-41469 (Beghelli Sicuro24 SicuroWeb does not enforce a Content Security Policy ...)
- TODO: check
+ NOT-FOR-US: Beghelli Sicuro24 SicuroWeb
CVE-2026-41468 (Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life com ...)
- TODO: check
+ NOT-FOR-US: Beghelli Sicuro24 SicuroWeb
CVE-2026-41459 (Xerte Online Toolkits versions 3.15 and earlier contain an information ...)
- TODO: check
+ NOT-FOR-US: Xerte Online Toolkits
CVE-2026-40542 (Missing critical step in authentication in Apache HttpClient 5.6 allow ...)
TODO: check
CVE-2026-3362 (The Short Comment Filter plugin for WordPress is vulnerable to Stored ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e943d8887b79506f5cc1e3e936073fa9f2126525
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e943d8887b79506f5cc1e3e936073fa9f2126525
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260422/c6664fd3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list