[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 27 20:14:07 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
986c7e75 by security tracker role at 2026-04-27T19:13:58+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,87 +15,87 @@ CVE-2026-7142 (A vulnerability was determined in Wooey up to 0.13.2. The impacte
 CVE-2026-7141 (A vulnerability was found in vllm up to 0.19.0. The affected element i ...)
 	TODO: check
 CVE-2026-7140 (A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7139 (A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This is ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7138 (A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521.  ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7137 (A security vulnerability has been detected in Totolink A8000RU 7.1cu.6 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7136 (A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7135 (A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f ...)
 	TODO: check
 CVE-2026-7134 (A vulnerability was identified in code-projects Online Lot Reservation ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7133 (A vulnerability was determined in code-projects Online Lot Reservation ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7132 (A vulnerability was found in code-projects Online Lot Reservation Syst ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7131 (A vulnerability has been found in code-projects Online Lot Reservation ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7130 (A flaw has been found in SourceCodester Pharmacy Sales and Inventory S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-7129 (A vulnerability was detected in SourceCodester Pharmacy Sales and Inve ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-7128 (A security vulnerability has been detected in SourceCodester Pharmacy  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-7127 (A weakness has been identified in SourceCodester Pharmacy Sales and In ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-7126 (A security flaw has been discovered in SourceCodester Pharmacy Sales a ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2026-7125 (A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7124 (A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7123 (A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Aff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7122 (A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7121 (A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This af ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2026-7119 (A vulnerability was detected in Tenda HG3 2.0. The impacted element is ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7118 (A security vulnerability has been detected in code-projects Employee M ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7117 (A weakness has been identified in code-projects Employee Management Sy ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7116 (A security flaw has been discovered in code-projects Employee Manageme ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7115 (A vulnerability was identified in code-projects Employee Management Sy ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7114 (A vulnerability was determined in code-projects Employee Management Sy ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7113 (A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected ...)
 	TODO: check
 CVE-2026-7112 (A vulnerability has been found in NousResearch hermes-agent 0.8.0. Aff ...)
 	TODO: check
 CVE-2026-7110 (A flaw has been found in code-projects Invoice System in Laravel 1.0.  ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7109 (A vulnerability was detected in code-projects Invoice System in Larave ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7108 (A security vulnerability has been detected in code-projects Invoice Sy ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7107 (A weakness has been identified in code-projects Invoice System in Lara ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7103 (A vulnerability was determined in code-projects Chat System 1.0. Affec ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-7102 (A vulnerability was found in Tenda F456 1.0.0.5. This impacts the func ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7101 (A vulnerability has been found in Tenda F456 1.0.0.5. This affects the ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7100 (A flaw has been found in Tenda F456 1.0.0.5. The impacted element is t ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7099 (A vulnerability was detected in Tenda F456 1.0.0.5. The affected eleme ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7098 (A security vulnerability has been detected in Tenda F456 1.0.0.5. Impa ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7097 (A weakness has been identified in Tenda F456 1.0.0.5. This issue affec ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7096 (A security flaw has been discovered in Tenda HG3 2.0 300003070. This v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-7095 (A vulnerability was identified in code-projects Employee Management Sy ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2026-6970 (authd prior to version 0.6.4 contains a logic error in primary group I ...)
 	TODO: check
 CVE-2026-6357 (pip prior to version 26.1 would run self-update check functionality af ...)
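Review bot: the tag on the Totolink A8000RU entries (CVE-2026-7136 to CVE-2026-7140 and CVE-2026-7121 to CVE-2026-7125) is written "TOTOLINK", while every description in this hunk spells the vendor "Totolink". Check that the upper-case form is the spelling already used for this vendor elsewhere in data/CVE/list, so that a search by tag returns one complete set. The vllm (CVE-2026-7141), GPAC (CVE-2026-7135), hermes-agent (CVE-2026-7112, CVE-2026-7113) and authd (CVE-2026-6970) entries stay at "TODO: check", which leaves them for manual triage.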
@@ -105,23 +105,23 @@ CVE-2026-6337
 CVE-2026-6265 (Insecure preserved inherited permissions vulnerability in Cerberus FTP ...)
 	TODO: check
 CVE-2026-5943 (Document structural anomalies caused inconsistencies between page elem ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2026-5942 (Flaws in page lifecycle management allow document structure changes to ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2026-5941 (Parsing logic flaws cause non-signature data to be misidentified as va ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2026-5940 (Calling a function that triggers a UI refresh after removing comments  ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2026-5939 (A crafted XFA PDF can trigger a use-after-free condition during calcul ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2026-5938 (Improper control flow management allows a crafted document action chai ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2026-5937 (Insufficient parameter verification leads to the occurrence of format  ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2026-42410 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-42379 (Insertion of Sensitive Information Into Sent Data vulnerability in WPD ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-41635 (Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, o ...)
 	TODO: check
 CVE-2026-41467 (ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scri ...)
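Review bot: the "NOT-FOR-US: Foxit" tags on CVE-2026-5937 to CVE-2026-5943 cannot be checked from this hunk, because none of the truncated descriptions names a vendor or product. The same holds for CVE-2026-42410, whose visible text is only a weakness title. Confirm these against the full CVE records before relying on the automatic match, and consider naming the affected plugin in the two WordPress entries instead of the generic "WordPress plugin or theme".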
@@ -139,11 +139,11 @@ CVE-2026-41462 (ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated
 CVE-2026-41409 (The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() ...)
 	TODO: check
 CVE-2026-41081 (Improper Handling of TLS Client Authentication Failure Leading to Anon ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-40860 (JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBi ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-40858 (The camel-infinispan component's ProtoStream-based remote aggregation  ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-40557 (Improper Certificate Validation via Global SSL Context Downgrade in Ap ...)
 	TODO: check
 CVE-2026-40514 (SmarterTools SmarterMail builds prior to 9610 contain a cryptographic  ...)
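Review bot: CVE-2026-41081 is tagged "Apache software not packaged in Debian" although its visible description shows only a weakness title and no product, while the neighbouring Apache MINA entry CVE-2026-41409 stays at "TODO: check". Confirm which Apache project CVE-2026-41081 belongs to, and consider putting the component name in the tag (camel-jms for CVE-2026-40860, camel-infinispan for CVE-2026-40858) so that a later search by product finds these entries.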
@@ -169,13 +169,13 @@ CVE-2026-35902 (The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 23030
 CVE-2026-35901 (A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Bui ...)
 	TODO: check
 CVE-2026-33454 (The Camel-Mail component is vulnerable to Camel message header injecti ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-33453 (Improperly Controlled Modification of Dynamically-Determined Object At ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-32688 (Allocation of Resources Without Limits or Throttling vulnerability in  ...)
 	TODO: check
 CVE-2026-32655 (Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, cont ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2026-31691 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	TODO: check
 CVE-2026-31690 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
@@ -191,7 +191,7 @@ CVE-2026-31686 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2026-31256 (A null pointer dereference vulnerability exists in the RTSP service of ...)
 	TODO: check
 CVE-2026-31255 (A command injection vulnerability exists in Tenda AC18 V15.03.05.05_mu ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2026-30462 (A path traversal vulnerability in the Blocks module of Daylight Studio ...)
 	TODO: check
 CVE-2026-30352 (A remote code execution (RCE) vulnerability in the /devserver/start en ...)
@@ -203,13 +203,13 @@ CVE-2026-30350 (An issue in the /store/items/search endpoint of Agent Protocol s
 CVE-2026-30346 (An open redirect in the /api/google/authorize endpoint of hunvreus Dev ...)
 	TODO: check
 CVE-2026-27172 (The ConsulRegistry in the camel-consul component (class org.apache.cam ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-25908 (Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, cont ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2026-22337 (Incorrect Privilege Assignment vulnerability in Directorist Directoris ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-22336 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2026-22077 (OPPO Wallet APP contains a trusted domain validation flaw that allows  ...)
 	TODO: check
 CVE-2025-69689 (The Fan Control application V251 contains an improper privilege handli ...)
@@ -455650,7 +455650,7 @@ CVE-2021-36440 (Unrestricted File Upload in ShowDoc v2.9.5 allows remote attacke
 CVE-2021-36439
 	RESERVED
 CVE-2021-36438 (SQL Injection vulnerability exists in Sourcecodester Online Job Portal ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2021-36437
 	RESERVED
 CVE-2021-36436 (An issue in Mobicint Backend for Credit Unions v3 allows attackers to  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/986c7e757c80a18f4558d97710b7c44a0220a012





More information about the debian-security-tracker-commits mailing list