[Git][security-tracker-team/security-tracker][master] automatic update

Wed Feb 11 08:13:29 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0637b0c7 by security tracker role at 2026-02-11T08:13:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2026-26079 (Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading ...)
+	TODO: check
+CVE-2026-26044
+	REJECTED
+CVE-2026-26043
+	REJECTED
+CVE-2026-26042
+	REJECTED
+CVE-2026-26041
+	REJECTED
+CVE-2026-26040
+	REJECTED
+CVE-2026-26039
+	REJECTED
+CVE-2026-26038
+	REJECTED
+CVE-2026-26037
+	REJECTED
+CVE-2026-26036
+	REJECTED
+CVE-2026-26013 (LangChain is a framework for building agents and LLM-powered applicati ...)
+	TODO: check
+CVE-2026-26007 (cryptography is a package designed to expose cryptographic primitives  ...)
+	TODO: check
+CVE-2026-26006 (AutoGPT is a platform that allows users to create, deploy, and manage  ...)
+	TODO: check
+CVE-2026-25872 (JUNG Smart Panel KNX firmware version L1.12.22 and prior contain an un ...)
+	TODO: check
+CVE-2026-25870 (DoraCMS version 3.1 and prior contains a server-side request forgery ( ...)
+	TODO: check
+CVE-2026-25251
+	REJECTED
+CVE-2026-1893 (The Orbisius Random Name Generator plugin for WordPress is vulnerable  ...)
+	TODO: check
+CVE-2026-1763 (Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue a ...)
+	TODO: check
+CVE-2026-1762 (A vulnerability in GE Vernova Enervista UR Setup on Windows allows Fil ...)
+	TODO: check
+CVE-2026-1571 (User-controlled input is reflected into the HTML output without proper ...)
+	TODO: check
+CVE-2026-1507 (The affected products are vulnerable to an uncaught exception that cou ...)
+	TODO: check
+CVE-2026-1495 (The vulnerability, if exploited, could allow an attacker with Event Lo ...)
+	TODO: check
+CVE-2026-1357 (The Migration, Backup, Staging \u2013 WPvivid Backup & Migration plugi ...)
+	TODO: check
+CVE-2026-1235 (The WP eCommerce WordPress plugin through 3.15.1 unserializes user inp ...)
+	TODO: check
+CVE-2026-1231 (The Beaver Builder Page Builder \u2013 Drag and Drop Website Builder p ...)
+	TODO: check
+CVE-2025-15524 (The Gallery by FooGallery plugin for WordPress is vulnerable to unauth ...)
+	TODO: check
+CVE-2025-15400 (The Pix para Woocommerce  WordPress plugin through 2.13.3 allows any a ...)
+	TODO: check
+CVE-2025-14541 (The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote  ...)
+	TODO: check
+CVE-2025-13431 (The SlimStat Analytics plugin for WordPress is vulnerable to time-base ...)
+	TODO: check
+CVE-2025-12699 (The ZOLL ePCR IOS application reflects unsanitized user input into a W ...)
+	TODO: check
+CVE-2025-10912 (Authorization Bypass Through User-Controlled Key vulnerability in Saas ...)
+	TODO: check
 CVE-2026-2272 [ICO import integer overflow bypass leads to heap buffer overflow]
 	- gimp <unfixed>
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15617
@@ -1138,7 +1200,7 @@ CVE-2026-25859 (Wekan versions prior to 8.20 allow non-administrative users to a
 	- wekan <itp> (bug #819238)
 CVE-2026-25858 (macrozheng mall version 1.0.3 and prior contains an authentication vul ...)
 	NOT-FOR-US: macrozheng mall
-CVE-2026-25857 (Tenda G300-F router firmware versio 16.01.14.2 and prior contain an OS ...)
+CVE-2026-25857 (Tenda G300-F router firmware version 16.01.14.2 and prior contain an O ...)
 	NOT-FOR-US: Tenda
 CVE-2026-25568 (WeKan versions prior to 8.19 contain an authorization logic vulnerabil ...)
 	- wekan <itp> (bug #819238)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0637b0c76ca1cb7c878a4f3751f65202310e4e0c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0637b0c76ca1cb7c878a4f3751f65202310e4e0c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260211/05df4406/attachment-0001.htm>
