[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 29 08:13:24 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a48180ea by security tracker role at 2026-06-29T07:13:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,6 +1,92 @@
+CVE-2026-9676 (The F4 Post Tree WordPress plugin before 2.0.5 does not perform capabi ...)
+	TODO: check
+CVE-2026-13544 (A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue ...)
+	TODO: check
+CVE-2026-13543 (A vulnerability was detected in Documenso up to 2.11.0. Affected by th ...)
+	TODO: check
+CVE-2026-13542 (A security vulnerability has been detected in itsourcecode Hospital Ma ...)
+	TODO: check
+CVE-2026-13541 (A weakness has been identified in itsourcecode Hospital Management Sys ...)
+	TODO: check
+CVE-2026-13540 (A security flaw has been discovered in GitBucket up to 4.46.1. This af ...)
+	TODO: check
+CVE-2026-13539 (A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425.  ...)
+	TODO: check
+CVE-2026-13538 (A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425.  ...)
+	TODO: check
+CVE-2026-13537 (A vulnerability was found in CodeAstro Human Resource Management Syste ...)
+	TODO: check
+CVE-2026-13536 (A vulnerability has been found in GotoHTTP up to 10.2. This issue affe ...)
+	TODO: check
+CVE-2026-13535 (A flaw has been found in CodeAstro Human Resource Management System 1. ...)
+	TODO: check
+CVE-2026-13534 (A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. Th ...)
+	TODO: check
+CVE-2026-13533 (A security vulnerability has been detected in agentejo Cockpit CMS up  ...)
+	TODO: check
+CVE-2026-13532 (A weakness has been identified in itsourcecode Hospital Management Sys ...)
+	TODO: check
+CVE-2026-13531 (A security flaw has been discovered in itsourcecode Hospital Managemen ...)
+	TODO: check
+CVE-2026-13530 (A vulnerability was identified in itsourcecode Hospital Management Sys ...)
+	TODO: check
+CVE-2026-13529 (A vulnerability was determined in YzmCMS up to 7.5. This affects an un ...)
+	TODO: check
+CVE-2026-13528 (A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to  ...)
+	TODO: check
+CVE-2026-13527 (A vulnerability has been found in SourceCodester Class and Exam Timeta ...)
+	TODO: check
+CVE-2026-13526 (A flaw has been found in SourceCodester Class and Exam Timetabling Sys ...)
+	TODO: check
+CVE-2026-13525 (A vulnerability was detected in CodeAstro Human Resource Management Sy ...)
+	TODO: check
+CVE-2026-13524 (A security vulnerability has been detected in CherryHQ cherry-studio u ...)
+	TODO: check
+CVE-2026-13523 (A weakness has been identified in GPAC up to 26.02.0. This affects an  ...)
+	TODO: check
+CVE-2026-13522 (A security flaw has been discovered in Investintech SlimPDFReader up t ...)
+	TODO: check
+CVE-2026-13521 (A vulnerability was identified in SourceCodester Class and Exam Timeta ...)
+	TODO: check
+CVE-2026-13520 (A vulnerability was determined in itsourcecode Hospital Management Sys ...)
+	TODO: check
+CVE-2026-13519 (A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the ...)
+	TODO: check
+CVE-2026-13518 (A vulnerability has been found in Tenda JD12L 16.03.53.23. This affect ...)
+	TODO: check
+CVE-2026-13517 (A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element ...)
+	TODO: check
+CVE-2026-13516 (A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected  ...)
+	TODO: check
+CVE-2026-13515 (A security vulnerability has been detected in Tenda JD12L 16.03.53.23. ...)
+	TODO: check
+CVE-2026-13514 (A weakness has been identified in Chess Play and Learn App up to 4.9.4 ...)
+	TODO: check
+CVE-2026-13513 (A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0.  ...)
+	TODO: check
+CVE-2026-13512 (A vulnerability was identified in Databend up to 1.2.881 on HTTP. This ...)
+	TODO: check
+CVE-2026-13511 (A vulnerability was determined in VoltAgent up to 2.1.17. Affected by  ...)
+	TODO: check
+CVE-2026-13510 (A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by ...)
+	TODO: check
+CVE-2026-13509 (A vulnerability has been found in RAGapp up to 0.1.5. Affected is the  ...)
+	TODO: check
+CVE-2026-13508 (A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impact ...)
+	TODO: check
+CVE-2026-13507 (A vulnerability was detected in volcengine OpenViking up to 0.3.21. Th ...)
+	TODO: check
+CVE-2026-10083 (The APCu Manager WordPress plugin before 4.5.0 does not escape APCu ob ...)
+	TODO: check
+CVE-2025-7386 (Information exposure vulnerability in Hitachi Storage Navigator.  This ...)
+	TODO: check
+CVE-2025-2902 (Improper Authorization Vulnerability of Maintenance Utility in Hitachi ...)
+	TODO: check
+CVE-2025-0824 (Lack of validation for firmware updatein Hitachi Hitachi Virtual Stora ...)
+	TODO: check
 CVE-2026-50160
 	NOT-FOR-US: Hoppscotch
-CVE-2026-53325 [agp/amd64: Fix broken error propagation in agp_amd64_probe()]
+CVE-2026-53325 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/b08472db93b1ccff84a7adec5779d47f0e9d3a30 (7.2-rc1)
 CVE-2026-XXXX [Security issue in suid RTAPI component]
@@ -58768,7 +58854,7 @@ CVE-2016-20038 (yTree 1.94-1.1 contains a stack-based buffer overflow vulnerabil
 	NOTE: Bogus CVE assignment for yasr
 CVE-2016-20037 (xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vuln ...)
 	NOTE: Bogus CVE assignment for xwpe
-CVE-2026-3256 (HTTP::Session versions through 0.53 for Perl defaults to using insecur ...)
+CVE-2026-3256 (HTTP::Session versions before 0.54 for Perl defaults to using insecure ...)
 	NOT-FOR-US: HTTP::Session Perl module
 CVE-2025-15604 (Amon2 versions before 6.17 for Perl use an insecure random_string impl ...)
 	NOT-FOR-US: Amon2 Perl module
@@ -256737,7 +256823,7 @@ CVE-2024-8151 (A vulnerability was found in SourceCodester Interactive Map with
 	NOT-FOR-US: SourceCodester Interactive Map with Marker
 CVE-2024-8150 (A vulnerability was found in ContiNew Admin 3.2.0 and classified as cr ...)
 	NOT-FOR-US: ContiNew Admin
-CVE-2024-8105 (A vulnerability related to the use an insecure Platform Key (PK) has b ...)
+CVE-2024-8105 (A vulnerability exists in UEFI implementations that use a hard-coded s ...)
 	NOT-FOR-US: Acer
 CVE-2024-8073 (Improper Input Validation vulnerability in Hillstone Networks Hillston ...)
 	NOT-FOR-US: Hillstone



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48180ea4c7caa86046163741769b77d3d9cbd67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a48180ea4c7caa86046163741769b77d3d9cbd67
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260629/9a00c93c/attachment.htm>


More information about the debian-security-tracker-commits mailing list