[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Mar 13 08:14:03 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
998b23aa by security tracker role at 2026-03-13T08:13:57+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2026-3910 (Inappropriate implementation in V8 in Google Chrome prior to 146.
CVE-2026-3909 (Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 al ...)
TODO: check
CVE-2026-3891 (The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3611 (The Honeywell IQ4x building management controller, exposes its full we ...)
TODO: check
CVE-2026-3045 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-32612 (Statmatic is a Laravel and Git powered content management system (CMS) ...)
TODO: check
CVE-2026-32598 (OneUptime is a solution for monitoring and managing online services. P ...)
@@ -27,11 +27,11 @@ CVE-2026-32306 (OneUptime is a solution for monitoring and managing online servi
CVE-2026-32304 (Locutus brings stdlibs of other programming languages to JavaScript fo ...)
TODO: check
CVE-2026-32302 (OpenClaw is a personal AI assistant. Prior to 2026.3.11, browser-origi ...)
- TODO: check
+ NOT-FOR-US: OpenClaw
CVE-2026-32301 (Centrifugo is an open-source scalable real-time messaging server. Prio ...)
TODO: check
CVE-2026-2890 (The Formidable Forms plugin for WordPress is vulnerable to a payment i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2581 (This is an uncontrolled resource consumption vulnerability (CWE-400) t ...)
TODO: check
CVE-2026-2229 (ImpactThe undici WebSocket client is vulnerable to a denial-of-service ...)
@@ -75,7 +75,7 @@ CVE-2026-22183 (wpDiscuz before 7.6.47 contains a stored cross-site scripting vu
CVE-2026-22182 (wpDiscuz before 7.6.47 contains an unauthenticated denial of service v ...)
TODO: check
CVE-2026-1704 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1528 (ImpactA server can reply with a WebSocket frame using the 64-bit lengt ...)
TODO: check
CVE-2026-1527 (ImpactWhen an application passes user-controlled input to theupgradeop ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/998b23aa189e481ae6641296d74689198b728b8d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/998b23aa189e481ae6641296d74689198b728b8d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260313/e303ede4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list