[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 17 08:14:39 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fc074da1 by security tracker role at 2026-06-17T07:14:33+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,21 +3,21 @@ CVE-2026-8317
CVE-2026-55706 (sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allo ...)
TODO: check
CVE-2026-54194 (Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-53876 (RadiX AX6600 WiFi 6 Tri-Band Gaming Router contains an OS command inje ...)
TODO: check
CVE-2026-49113 (Subscriber Arbitrary Code Execution in Cornerstone < 7.8.8 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49080 (Unauthenticated SQL Injection in wpDataTables <= 7.3.6 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49073 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-49057 (Unauthenticated Broken Access Control in JobSearch <= 3.2.7 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48929 (Rocket.Chat in versions <8.5.1, <8.4.4, <8.3.6, <8.2.6, <8.1.6, <8.0.7 ...)
TODO: check
CVE-2026-48869 (Unauthenticated Cross Site Scripting (XSS) in Enfold <= 7.1.4 versions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-48797 (Backpropagate is a Python library for fine-tuning large language model ...)
TODO: check
CVE-2026-48788 (Remark42 is a self-hosted comment engine for blogs, articles, or any o ...)
@@ -39,7 +39,7 @@ CVE-2026-48745 (Traccar Client is a GPS tracking mobile app for sending location
CVE-2026-48616 (Rocket.Chat versions <8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9 ...)
TODO: check
CVE-2026-48294 (Adobe Acrobat PDF Extension (Chrome) versions 26.5.2.2 and earlier are ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48055 (Streambert is a cross-platform Electron Desktop App to stream and down ...)
TODO: check
CVE-2026-47750 (stable-diffusion.cpp is a pure C/C++ library for running diffusion mod ...)
@@ -51,7 +51,7 @@ CVE-2026-47277 (Runtipi is a personal homeserver orchestrator. In versions 4.9.1
CVE-2026-46979 (Vulnerability in the PeopleSoft Enterprise CS Campus Community product ...)
TODO: check
CVE-2026-46978 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46977 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2026-46976 (Vulnerability in the Oracle Public Sector Payroll product of Oracle E- ...)
@@ -71,13 +71,13 @@ CVE-2026-46969 (Vulnerability in the Oracle Financials for EMEA product of Oracl
CVE-2026-46967 (Vulnerability in the Oracle Public Sector Financials (International) p ...)
TODO: check
CVE-2026-46966 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46965 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46964 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46963 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46962 (Vulnerability in the Oracle Project Portfolio Analysis product of Orac ...)
TODO: check
CVE-2026-46961 (Vulnerability in the Oracle Project Portfolio Analysis product of Orac ...)
@@ -89,7 +89,7 @@ CVE-2026-46959 (Vulnerability in the Oracle Subledger Accounting product of Orac
CVE-2026-46958 (Vulnerability in the Oracle Subledger Accounting product of Oracle E-B ...)
TODO: check
CVE-2026-46957 (Vulnerability in the Oracle iSupplier Portal product of Oracle E-Busin ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46956 (Vulnerability in the Oracle Property Manager product of Oracle E-Busin ...)
TODO: check
CVE-2026-46955 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
@@ -127,7 +127,7 @@ CVE-2026-46935 (Vulnerability in the Oracle Complex Maintenance, Repair and Over
CVE-2026-46934 (Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul p ...)
TODO: check
CVE-2026-46933 (Vulnerability in the Oracle Applications Manager product of Oracle E-B ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46932 (Vulnerability in the Oracle Enterprise Asset Management product of Ora ...)
TODO: check
CVE-2026-46931 (Vulnerability in the Oracle Enterprise Asset Management product of Ora ...)
@@ -159,29 +159,29 @@ CVE-2026-46916 (Vulnerability in the Oracle Process Manufacturing Product Develo
CVE-2026-46915 (Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul p ...)
TODO: check
CVE-2026-46914 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46913 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46912 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46911 (Vulnerability in the JD Edwards EnterpriseOne Project Costing product ...)
TODO: check
CVE-2026-46910 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46909 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46908 (Vulnerability in the JD Edwards EnterpriseOne Accounts Payable product ...)
TODO: check
CVE-2026-46907 (Vulnerability in the JD Edwards EnterpriseOne Order Promising product ...)
TODO: check
CVE-2026-46906 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46905 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46904 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46903 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46902 (Vulnerability in the Oracle Enterprise Command Center Framework produc ...)
TODO: check
CVE-2026-46901 (Vulnerability in the Oracle Enterprise Command Center Framework produc ...)
@@ -199,7 +199,7 @@ CVE-2026-46896 (Vulnerability in the Oracle Enterprise Command Center Framework
CVE-2026-46895 (Vulnerability in the Oracle Enterprise Command Center Framework produc ...)
TODO: check
CVE-2026-46894 (Vulnerability in the Oracle iSupplier Portal product of Oracle E-Busin ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46893 (Vulnerability in the JD Edwards EnterpriseOne General Ledger product o ...)
TODO: check
CVE-2026-46892 (Vulnerability in the JD Edwards EnterpriseOne Human Resources Manageme ...)
@@ -211,7 +211,7 @@ CVE-2026-46890 (Vulnerability in the Siebel Apps - Marketing product of Oracle S
CVE-2026-46889 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
TODO: check
CVE-2026-46888 (Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CR ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46887 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
TODO: check
CVE-2026-46886 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
@@ -221,27 +221,27 @@ CVE-2026-46885 (Vulnerability in the Siebel CRM Integration product of Oracle Si
CVE-2026-46884 (Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel ...)
TODO: check
CVE-2026-46883 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46882 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46881 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46880 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46879 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46878 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46877 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2026-46875 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46874 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2026-46873 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2026-46872 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46871 (Vulnerability in the MySQL Shell product of Oracle MySQL (component: S ...)
TODO: check
CVE-2026-46870 (Vulnerability in the MySQL Shell product of Oracle MySQL (component: S ...)
@@ -249,15 +249,15 @@ CVE-2026-46870 (Vulnerability in the MySQL Shell product of Oracle MySQL (compon
CVE-2026-46869 (Vulnerability in the MySQL Shell product of Oracle MySQL (component: S ...)
TODO: check
CVE-2026-46868 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46867 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46866 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46865 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46864 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46863 (Vulnerability in the MySQL Server, MySQL Cluster product of Oracle MyS ...)
TODO: check
CVE-2026-46862 (Vulnerability in the MySQL Router product of Oracle MySQL (component: ...)
@@ -267,21 +267,21 @@ CVE-2026-46861 (Vulnerability in the MySQL NDB Cluster product of Oracle MySQL (
CVE-2026-46860 (Vulnerability in the MySQL Router product of Oracle MySQL (component: ...)
TODO: check
CVE-2026-46859 (Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain ( ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46858 (Vulnerability in the APM - Application Performance Management product ...)
TODO: check
CVE-2026-46857 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46856 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46855 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46854 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46853 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46852 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46851 (Vulnerability in the PeopleSoft Enterprise CS Campus Community product ...)
TODO: check
CVE-2026-46850 (Vulnerability in the MySQL Shell product of Oracle MySQL (component: S ...)
@@ -301,7 +301,7 @@ CVE-2026-46844 (Vulnerability in the Oracle WebCenter Portal product of Oracle F
CVE-2026-46838 (Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion ...)
TODO: check
CVE-2026-46832 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46825 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2026-46816 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -315,13 +315,13 @@ CVE-2026-46813 (Vulnerability in the Oracle WebCenter Content product of Oracle
CVE-2026-46812 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
TODO: check
CVE-2026-46810 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46809 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
TODO: check
CVE-2026-46808 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
TODO: check
CVE-2026-46807 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46806 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
TODO: check
CVE-2026-46805 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
@@ -389,13 +389,13 @@ CVE-2026-46774 (Vulnerability in the Oracle Unified Directory product of Oracle
CVE-2026-46773 (Vulnerability in the Oracle Unified Directory product of Oracle Fusion ...)
TODO: check
CVE-2026-46772 (Vulnerability in the Oracle Application Development Framework (ADF) pr ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46771 (Vulnerability in the Oracle Application Development Framework (ADF) pr ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46770 (Vulnerability in the Oracle Application Development Framework (ADF) pr ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46769 (Vulnerability in the Oracle Application Development Framework (ADF) pr ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46768 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
TODO: check
CVE-2026-46767 (Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion ...)
@@ -407,59 +407,59 @@ CVE-2026-46765 (Vulnerability in the Oracle WebCenter Portal product of Oracle F
CVE-2026-44587 (CarrierWave is a framework to upload files from Ruby applications. In ...)
TODO: check
CVE-2026-40761 (Unauthenticated PHP Object Injection in Valeska <= 1.2.2 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40760 (Unauthenticated PHP Object Injection in Behold <= 1.5 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40759 (Unauthenticated PHP Object Injection in Esm\xe9e <= 1.4 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40758 (Unauthenticated PHP Object Injection in L\xe9onie <= 1.2.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40755 (Unauthenticated PHP Object Injection in TechLink <= 1.3 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40754 (Unauthenticated PHP Object Injection in Roisin <= 1.4 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40751 (Unauthenticated PHP Object Injection in Ashtanga <= 1.2 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40739 (Unauthenticated PHP Object Injection in LuxeDrive <= 1.4 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-40736 (Unauthenticated PHP Object Injection in Laurits <= 1.5.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39598 (Unrestricted Upload of File with Dangerous Type vulnerability in Kodez ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39580 (Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39578 (Unauthenticated PHP Object Injection in Valiance <= 1.2 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39577 (Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39568 (Unauthenticated Local File Inclusion in Mr. SEO <= 2.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39567 (Unauthenticated PHP Object Injection in Sant\xe9 <= 1.5.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39557 (Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39554 (Unauthenticated PHP Object Injection in Fidalgo <= 1.2.2 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39549 (Unauthenticated Local File Inclusion in Aperitif <= 1.5 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39548 (Unauthenticated Cross Site Scripting (XSS) in MagOne <= 9.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39547 (Unauthenticated Local File Inclusion in Getaway < 1.8 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39539 (Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39529 (Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39522 (Unauthenticated Local File Inclusion in Solene <= 3.4 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39446 (Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39443 (Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39438 (Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-39433 (Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-35327 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
TODO: check
CVE-2026-35326 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
@@ -567,13 +567,13 @@ CVE-2026-35271 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools produc
CVE-2026-35270 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
TODO: check
CVE-2026-35269 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35268 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35267 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35265 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35263 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
TODO: check
CVE-2026-35262 (Vulnerability in the Oracle Data Integrator product of Oracle Fusion M ...)
@@ -585,17 +585,17 @@ CVE-2026-35259 (Vulnerability in the WebLogic Server product of Oracle Fusion Mi
CVE-2026-35258 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
TODO: check
CVE-2026-34895 (Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-34894 (Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-34893 (Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27429 (Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27395 (Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25470 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22313 (The device has a webserver that exposes a REST API authenticated with ...)
TODO: check
CVE-2026-22312 (The device has a webserver that exposes a REST API authenticated with ...)
@@ -667,199 +667,199 @@ CVE-2026-12438 (Inappropriate implementation in WebView in Google Chrome on Andr
CVE-2026-12437 (Use after free in WebShare in Google Chrome on Windows prior to 149.0. ...)
TODO: check
CVE-2026-12425 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2026-12360 (The JetEngine plugin for WordPress is vulnerable to SQL injection in a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12348 (Address bar spoofing in Arc Search for Android allows a remote attacke ...)
TODO: check
CVE-2026-12256 (Contributor PHP Object Injection in Avada <= 3.15.3 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-12117 (Improper access control in the social login connection endpoint in De ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-12105 (Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allo ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-11890 (Improper access control in PAM account discovery results in Devolution ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-11410 (An authenticated OS command injection vulnerability exists in the BigP ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-11409 (An authenticated OS command injection vulnerability exists in the IPv6 ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-10303 (In ServerCo getssl version 2.49 and prior, the ACME challenge token re ...)
TODO: check
CVE-2026-0165 (In several functions of the RTCP packet decoder, there is a possible o ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0164 (In Modem, there is a possible out of bounds write due to a missing bou ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0162 (In ParsePayloads of AudioSdpParser.cpp, there is a possible memory cor ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0161 (In numberOfReportBlocks of RtpSession.cpp, there is a possible out of ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0160 (In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode. ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0158 (In Camera, there is a possible unauthorized way to access photos due t ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0157 (In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0156 (In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memo ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0155 (In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0154 (In Modem, there is a possible way to trigger a modem crash during a SI ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0153 (In Write of msg_to_host_buffer.cc, there is a possible out of bounds w ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0152 (In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0151 (In IntfGraphCreate of intfgraph.c, there is a possible out of bounds w ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0150 (In ExecuteGraph command handler of EdgeTPU firmware, there is a possib ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0149 (In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0148 (In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a po ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0147 (In __mfc_core_nal_q_get_dec_metadata_sei_nal of mfc_core_nal_q.c, ther ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0146 (In mfc_core_get_dec_metadata_sei_nal of mfc_core_reg_api.c, there is a ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0145 (In keymint, there is a possible Permission Bypass due to a logic error ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0144 (In writeAocCommand of AocAudioCodec.cpp, there is a possible memory sa ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0143 (In lwis_device_external_event_emit of lwis_event.c, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0142 (In iavb_parse_key_data of avb_rsa.c, there is a possible out of bounds ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0141 (In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0140 (In RtpPacket::decodePacket, there is a possible out-of-bounds read due ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0139 (In Modem, there is a possible out of bounds write due to a missing bou ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0138 (In lwis_io_buffer_write of lwis_io_buffer.c, there is a possible out o ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0137 (In edgetpu_sync_fence_group_shutdown() of edgetpu-dmabuf.c, there is a ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0136 (In Modem, there is a possible out of bounds read due to a missing boun ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0135 (In Modem, there is a possible out of bounds read due to a missing boun ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0134 (In PostWipeData of recovery_ui.cpp, there is a possible data persisten ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0133 (In smmu_attach_dev of arm-smmu-v3.c, there is a possible way to sign m ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0132 (In Modem, there is a possible out of bounds write due to a heap buffer ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0131 (In RtpPacket::decodePacket, there is a possible out of bounds access d ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0130 (In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0129 (In RtcpByePacket::decodeByePacket, there is a possible due to a missi ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0128 (In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0127 (In NrmmMsgCodec::DecodeUPUTransparentContext of cn_NrmmDecoder.cpp, th ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0126 (In WC-Radio, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0125 (In multiple functions of vpu_ioctl.c, there is a possible use after fr ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2026-0057 (In Contacts Provider, there is a possible way to access an incoming ca ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2026-0019 (In SettingsLib, there is a possible way to disable system components d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-69178 (Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69177 (Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69176 (Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69168 (Unauthenticated Local File Inclusion in Spike <= 1.2 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69167 (Unauthenticated Local File Inclusion in Eros <= 1.3 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69165 (Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69163 (Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69162 (Unauthenticated Local File Inclusion in Grecko <= 5.17 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69160 (Unauthenticated Local File Inclusion in Gita <= 1.11 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69159 (Unauthenticated Local File Inclusion in Printo <= 1.11 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69151 (Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69150 (Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69149 (Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69147 (Unauthenticated Local File Inclusion in Putter <= 1.17 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69146 (Unauthenticated Local File Inclusion in Dom <= 1.24 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69143 (Unauthenticated Local File Inclusion in Mission <= 1.22 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69142 (Unauthenticated Local File Inclusion in Abelle <= 1.22 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69141 (Unauthenticated Local File Inclusion in Kelly Young <= 1.1.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69139 (Unauthenticated Arbitrary File Deletion in Car Zone <= 3.7 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69137 (Subscriber Broken Access Control in Genemy <= 1.6.6 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69136 (Unauthenticated Local File Inclusion in Wanium <= 1.9.8 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69131 (Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69125 (Unauthenticated Local File Inclusion in Food Drop <= 1.3 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69124 (Unauthenticated Local File Inclusion in Especio <= 1.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69122 (Unauthenticated PHP Object Injection in SeaFood Company <= 1.4 version ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69121 (Unauthenticated Local File Inclusion in Deliciosa <= 1.10.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69119 (Unauthenticated Local File Inclusion in Corbesier <= 1.15.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69118 (Unauthenticated Local File Inclusion in CopyPress <= 1.4.5 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69116 (Unauthenticated Local File Inclusion in Iona <= 1.0.8 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69114 (Unauthenticated Local File Inclusion in MaxiNet <= 1.2.10 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69113 (Unauthenticated Local File Inclusion in Nexio <= 1.10.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69112 (Unauthenticated Local File Inclusion in Planty <= 1.14.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69109 (Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 version ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69108 (Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69107 (Unauthenticated Local File Inclusion in Rosaleen <= 2.8 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69105 (Unauthenticated Local File Inclusion in Modernee <= 1.6.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69104 (Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 version ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69103 (Subscriber Arbitrary Content Deletion in Brikk <= 3.0.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60085 (Unauthenticated Local File Inclusion in Learnify <= 1.15.0 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58924 (Unauthenticated Local File Inclusion in Geya <= 1.15 versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48643 (In multiple locations there is a possible provisioning bypass due to i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-48640 (In multiple locations, there is a possible 3rd party passkey entry pai ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-48617 (In overrideConfig of CarrierConfigLoader.java, there is a possible way ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-48571 (In multiple functions of btm_sec.cc, there is a possible way for an at ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-15642 (Netskope is notified about a potential gap in its Netskoped Client for ...)
- TODO: check
+ NOT-FOR-US: Netskope
CVE-2025-15641 (Netskope was notified about a potential gap in its Netskope Client for ...)
- TODO: check
+ NOT-FOR-US: Netskope
CVE-2026-53615 [Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
- util-linux <unfixed>
NOTE: https://github.com/util-linux/util-linux/security/advisories/GHSA-h4rw-gv36-wmp5
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc074da13dba5d3f8461889d76a6936cc1a340b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc074da13dba5d3f8461889d76a6936cc1a340b2
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260617/8edb2c9a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list