[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jun 1 20:20:51 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
76e3fa0a by security tracker role at 2026-06-01T19:20:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
CVE-2026-9614 (An Improper Access Control vulnerability in IvantiNeurons forITSM(clou ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2026-9330 (IBM WebSphere Application Server 9.0, and 8.5 is affected by an improp ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-9319 (IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potenti ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-9311 (IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-9309 (Firefox for iOS Reader View did not properly escape HTML tags in JSON- ...)
TODO: check
CVE-2026-9308 (Firefox for iOS Reader View replaced page content in its HTML template ...)
TODO: check
CVE-2026-9024 (A Stored Cross-site Scripting (XSS) vulnerability affecting Process Ex ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2026-8931 (A critical Remote Code Execution (RCE) vulnerability exists in Disig W ...)
TODO: check
CVE-2026-8644 (IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-8501 (Improper access control in the PCTCore64.sys Windows kernel driver fro ...)
TODO: check
CVE-2026-8474 (A vulnerability was discovered on Stormshield Network Security ...)
TODO: check
CVE-2026-7858 (A Deserialization of Untrusted Data vulnerability affecting Teamwork C ...)
- TODO: check
+ NOT-FOR-US: Dassault Systemes
CVE-2026-7770 (IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solut ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-49361 (Apache Fluss versions prior to 0.9.1 configure the Netty LengthFieldBa ...)
TODO: check
CVE-2026-49270 (Exposure of Sensitive Information Through Metadata vulnerability in Ap ...)
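Review bot: CVE-2026-8501 stays at "TODO: check" in this hunk although its description names a Windows kernel driver (PCTCore64.sys), so it may be a NOT-FOR-US candidate as well. The vendor is cut off in the truncated description, so confirm it and tag the entry manually rather than leaving it for a later automatic pass.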
@@ -33,13 +33,13 @@ CVE-2026-49157 (Incorrect Default Permissions vulnerability in Apache ActiveMQ.
CVE-2026-49121 (AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthent ...)
TODO: check
CVE-2026-48879 (Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Pri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48866 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48865 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48839 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48559 (Lightweight Music Server (LMS) though 3.76.0 contains a stored cross-s ...)
TODO: check
CVE-2026-48210 (An improper default configuration in OTRS 2026.3.1 causes ticket artic ...)
@@ -59,7 +59,7 @@ CVE-2026-48188 (An improper Input Validation vulnerability in OTRS or ((OTRS)) C
CVE-2026-48187 (An uncontrolled allocation of resources without limits or throttling i ...)
TODO: check
CVE-2026-47294 (Deserialization of untrusted data in Microsoft Office SharePoint allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-46605 (Incomplete authorization by Apache ActiveMQ server before versions v6. ...)
TODO: check
CVE-2026-45810 (Nextcloud is an open source content collaboration platform. In Nextclo ...)
@@ -141,31 +141,31 @@ CVE-2026-43624 (F5-TTS through version 1.1.20 contains a path traversal vulnerab
CVE-2026-43623 (microtar through 0.1.0 contains a stack-based buffer overflow vulnerab ...)
TODO: check
CVE-2026-42683 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42682 (Missing Authorization vulnerability in Tomdever wpForo Forum allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42681 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42680 (Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42679 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42678 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42677 (Missing Authorization vulnerability in Ben Balter WP Document Revision ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42676 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42675 (Missing Authorization vulnerability in Themefic Hydra Booking allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42674 (Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42673 (Insertion of Sensitive Information Into Sent Data vulnerability in Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42672 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42671 (Missing Authorization vulnerability in Paolo GeoDirectory allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-42588 (Improper Input Validation, Improper Control of Generation of Code ('Co ...)
TODO: check
CVE-2026-42253 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -225,7 +225,7 @@ CVE-2026-37221 (FlexRIC v2.0.0 crashes when receiving a RIC_SUBSCRIPTION_RESPONS
CVE-2026-37220 (FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2 ...)
TODO: check
CVE-2026-34193 (Kernel software installed and running inside a Guest/Host VM may post ...)
- TODO: check
+ NOT-FOR-US: Imagination Technologies
CVE-2026-32325 (Privilege chaining issue exists in ServerView Agents for Windows V11.6 ...)
TODO: check
CVE-2026-30963 (Capsule is a multi-tenancy and policy-based framework for Kubernetes. ...)
@@ -241,15 +241,15 @@ CVE-2026-23638 (Kiteworks is a private data network (PDN). Prior to version 9.3.
CVE-2026-22872 (Capsule is a multi-tenancy and policy-based framework for Kubernetes. ...)
TODO: check
CVE-2026-20456 (In wlan STA driver, there is a possible system crash due to a missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20455 (In geniezone, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20454 (In geniezone, there is a possible out of bounds write due to a race co ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20453 (In geniezone, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20452 (In wlan AP driver, there is a possible memory corruption due to a heap ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-10533 (A flaw was found in OpenShift Container Platform. Completed pods with ...)
TODO: check
CVE-2026-10532 (Deserialization of untrusted data vulnerability in QOS.CH Sarl logback ...)
@@ -283,7 +283,7 @@ CVE-2026-10272 (A vulnerability has been found in a4m4 Student-Management-System
CVE-2026-10271 (A flaw has been found in a4m4 Student-Management-System up to f0c5f684 ...)
TODO: check
CVE-2026-10270 (A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-10269 (A security vulnerability has been detected in decolua 9router up to 0. ...)
TODO: check
CVE-2026-10268 (A weakness has been identified in janet-lang janet up to 1.41.0. This ...)
@@ -291,11 +291,11 @@ CVE-2026-10268 (A weakness has been identified in janet-lang janet up to 1.41.0.
CVE-2026-10267 (A security flaw has been discovered in janet-lang janet up to 1.41.0. ...)
TODO: check
CVE-2026-10265 (A vulnerability was identified in itsourcecode Content Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10264 (A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affecte ...)
TODO: check
CVE-2026-10263 (A vulnerability was found in SourceCodester Computer Repair Shop Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10262 (A vulnerability has been found in code-projects Real State Services 1. ...)
TODO: check
CVE-2026-10261 (A flaw has been found in CodeAstro Online Job Portal 1.0. This affects ...)
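Review bot: CVE-2026-10262 (code-projects Real State Services) is left at "TODO: check" in this hunk, while the other code-projects entries in the same commit (CVE-2026-10243, CVE-2026-10209, CVE-2026-10208) are tagged "NOT-FOR-US: code-projects". If the omission is not deliberate, tag it the same way so the vendor is handled consistently.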
@@ -305,39 +305,39 @@ CVE-2026-10260 (A vulnerability was detected in CodeAstro Online Job Portal 1.0.
CVE-2026-10259 (A security vulnerability has been detected in H3C Magic B0 up to 100R0 ...)
TODO: check
CVE-2026-10258 (A weakness has been identified in itsourcecode Content Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10257 (A security flaw has been discovered in itsourcecode Content Management ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10256 (A vulnerability was identified in itsourcecode Content Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10255 (A vulnerability has been found in SourceCodester Pharmacy Sales and In ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10254 (A flaw has been found in SourceCodester Pet Grooming Management Softwa ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10253 (A vulnerability was detected in itsourcecode Online House Rental Syste ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10252 (A security vulnerability has been detected in itsourcecode Online Hous ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10251 (A weakness has been identified in itsourcecode Online House Rental Sys ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10250 (A security flaw has been discovered in itsourcecode Online Blood Bank ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10249 (A vulnerability was identified in itsourcecode Online Blood Bank Manag ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10248 (A vulnerability was determined in SourceCodester Pharmacy Sales and In ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10247 (A vulnerability was found in SourceCodester Pharmacy Sales and Invento ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10246 (A vulnerability has been found in SourceCodester Pharmacy Sales and In ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10245 (A flaw has been found in SourceCodester Pharmacy Sales and Inventory S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10244 (A vulnerability was detected in SourceCodester Pharmacy Sales and Inve ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10243 (A security vulnerability has been detected in code-projects Smart Park ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-10242 (A weakness has been identified in itsourcecode Content Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-10241 (A security flaw has been discovered in jeecgboot The server processes ...)
TODO: check
CVE-2026-10240 (A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted ...)
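Review bot: the tag "NOT-FOR-US: itsourcecode System" used throughout this hunk (for example on CVE-2026-10258 and CVE-2026-10253) carries a trailing "System" that reads like part of a product name, whereas the other vendor tags in this commit are the bare vendor name ("SourceCodester", "code-projects", "CodeAstro"). Unless "itsourcecode System" is the string already established in data/CVE/list, "NOT-FOR-US: itsourcecode" would be more consistent and easier to grep for.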
@@ -345,11 +345,11 @@ CVE-2026-10240 (A vulnerability was identified in JeecgBoot up to 3.9.2. The imp
CVE-2026-10239 (A vulnerability was determined in JeecgBoot up to 3.9.2. The affected ...)
TODO: check
CVE-2026-10237 (A vulnerability was found in SourceCodester Water Billing Management S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10236 (A vulnerability has been found in SourceCodester Water Billing Managem ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-10235 (A flaw has been found in CodeAstro Ingredients Stock Management System ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2026-10234 (A vulnerability was detected in Mettle sendportal up to 3.0.1. This af ...)
TODO: check
CVE-2026-10233 (A security vulnerability has been detected in Assimp up to 6.0.4. Affe ...)
@@ -389,7 +389,7 @@ CVE-2026-10217 (A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. T
CVE-2026-10216 (A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The ...)
TODO: check
CVE-2026-10215 (A security vulnerability has been detected in Dolibarr ERP CRM up to 2 ...)
- TODO: check
+ NOT-FOR-US: Dolibarr
CVE-2026-10214 (A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0 ...)
TODO: check
CVE-2026-10213 (A security flaw has been discovered in AstrBotDevs AstrBot 4.23.6. Thi ...)
@@ -401,11 +401,11 @@ CVE-2026-10211 (A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Af
CVE-2026-10210 (A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by t ...)
TODO: check
CVE-2026-10209 (A vulnerability has been found in code-projects Online Hospital Manage ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-10208 (A flaw has been found in code-projects Online Hospital Management Syst ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-10206 (A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-10205 (A security vulnerability has been detected in Metasoft \u7f8e\u7279\u8 ...)
TODO: check
CVE-2026-10204 (A weakness has been identified in OFCMS 1.1.3. The affected element is ...)
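Review bot: the context line for CVE-2026-10205 carries literal \uXXXX escapes in its description ("Metasoft \u7f8e\u7279\u8 ..."), and the truncation cuts the last escape in half. This commit does not introduce it, but decoding the description to UTF-8 before it is truncated would keep the entry readable.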
@@ -427,9 +427,9 @@ CVE-2026-10197 (A vulnerability was detected in Assimp up to 6.0.4. Affected is
CVE-2026-10118 (A flaw was found in Poppler's Splash backend. A remote attacker could ...)
TODO: check
CVE-2026-0826 (In certain scenarios when the admin has enabled Interactive Connectivi ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2026-0072 (In addInputMethodListener of com.android.server.inputmethod.InputMetho ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-60495 (A segmentation violation in the gf_media_get_color_info function (/med ...)
TODO: check
CVE-2025-60486 (A heap use-after-free in the dasher_process function (/filters/dasher. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76e3fa0a4693416defdd55422027a1567ae85b1c