[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 25 20:14:14 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9b604b87 by security tracker role at 2026-03-25T20:14:06+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,23 +13,23 @@ CVE-2026-3988 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
CVE-2026-3857 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
TODO: check
CVE-2026-3218 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3217 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3216 (Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal Canv ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3215 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3214 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3213 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3212 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3211 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal Theme Negoti ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3210 (Incorrect Authorization vulnerability in Drupal Material Icons allows ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-3126
REJECTED
CVE-2026-34085 (fontconfig before 2.17.1 has an off-by-one error in allocation during ...)
@@ -71,145 +71,145 @@ CVE-2026-33217 (NATS-Server is a High-Performance server for NATS.io, a cloud an
CVE-2026-33216 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
TODO: check
CVE-2026-32573 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32567 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32562 (Missing Authorization vulnerability in WP Folio Team PPWP password-pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32546 (Missing Authorization vulnerability in StellarWP Restrict Content rest ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32545 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32544 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32542 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32541 (Missing Authorization vulnerability in Premmerce Premmerce Redirect Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32540 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32539 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32538 (Insertion of Sensitive Information Into Sent Data vulnerability in Noo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32537 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32536 (Unrestricted Upload of File with Dangerous Type vulnerability in halfd ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32535 (Authorization Bypass Through User-Controlled Key vulnerability in Joom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32534 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32533 (Authorization Bypass Through User-Controlled Key vulnerability in Late ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32532 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32531 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32530 (Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32529 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32528 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32527 (Missing Authorization vulnerability in CRM Perks WP Insightly for Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32526 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32525 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32524 (Unrestricted Upload of File with Dangerous Type vulnerability in Jordy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32523 (Unrestricted Upload of File with Dangerous Type vulnerability in denis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32522 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32521 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32520 (Incorrect Privilege Assignment vulnerability in Andrew Munro / Affilia ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32519 (Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32518 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32517 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32516 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32515 (Missing Authorization vulnerability in kamleshyadav Miraculous miracul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32514 (Missing Authorization vulnerability in Anton Voytenko Petitioner petit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32513 (Deserialization of Untrusted Data vulnerability in Miguel Useche JS Ar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32512 (Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32511 (Deserialization of Untrusted Data vulnerability in Mikado-Themes St\xe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32510 (Deserialization of Untrusted Data vulnerability in Edge-Themes Kampere ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32509 (Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32508 (Deserialization of Untrusted Data vulnerability in Mikado-Themes Halst ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32507 (Deserialization of Untrusted Data vulnerability in Elated-Themes Lerou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32506 (Deserialization of Untrusted Data vulnerability in Edge-Themes Archico ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32505 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32504 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32503 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32502 (Deserialization of Untrusted Data vulnerability in Select-Themes Borgh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32501 (Missing Authorization vulnerability in wp-configurator WP Configurator ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32500 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32499 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32498 (Missing Authorization vulnerability in Metagauss RegistrationMagic cus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32497 (Weak Authentication vulnerability in PickPlugins User Verification use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32496 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32495 (Missing Authorization vulnerability in Link Software LLC WP Terms Popu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32494 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32493 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32492 (Authentication Bypass by Spoofing vulnerability in Joe Dolson My Ticke ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32491 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32490 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32489 (Missing Authorization vulnerability in bPlugins B Blocks b-blocks allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32488 (Incorrect Privilege Assignment vulnerability in wpeverest User Registr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32485 (Missing Authorization vulnerability in weDevs WP User Frontend wp-user ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32484 (Deserialization of Untrusted Data vulnerability in BoldGrid weForms we ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32483 (Missing Authorization vulnerability in codepeople Contact Form Email c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32482 (Unrestricted Upload of File with Dangerous Type vulnerability in deoth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-32441 (Missing Authorization vulnerability in WebToffee Comments Import & Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31921 (Missing Authorization vulnerability in Devteam HaywoodTech Product Rea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31920 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31914 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-31913 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-30587 (Multiple Stored XSS vulnerabilities exist in Seafile Server version 13 ...)
TODO: check
CVE-2026-2995 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
@@ -221,11 +221,11 @@ CVE-2026-2745 (GitLab has remediated an issue in GitLab CE/EE affecting all vers
CVE-2026-2726 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
TODO: check
CVE-2026-2414 (Authorization bypass through User-Controlled key vulnerability in HYPR ...)
- TODO: check
+ NOT-FOR-US: HYPR
CVE-2026-2349 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-2348 (Improper Neutralization of Input During Web Page Generation ("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-29785 (NATS-Server is a High-Performance server for NATS.io, a cloud and edge ...)
TODO: check
CVE-2026-29092 (Kiteworks is a private data network (PDN). Prior to version 9.2.1, a v ...)
@@ -243,55 +243,55 @@ CVE-2026-27602 (Modoboa is a mail hosting and management platform. Prior to vers
CVE-2026-27496 (n8n is an open source workflow automation platform. Prior to versions ...)
TODO: check
CVE-2026-27095 (Deserialization of Untrusted Data vulnerability in magepeopleteam Bus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27088 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27087 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27084 (Deserialization of Untrusted Data vulnerability in ThemeREX Buisson bu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27083 (Deserialization of Untrusted Data vulnerability in ThemeREX Work & Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27082 (Deserialization of Untrusted Data vulnerability in ThemeREX Love Story ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27081 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27080 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27079 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27078 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27077 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27076 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27075 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27073 (Use of Hard-coded Credentials vulnerability in Addi Addi – Cuota ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27071 (Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27054 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27051 (Incorrect Privilege Assignment vulnerability in uxper Golo golo allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27049 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27048 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27047 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27046 (Missing Authorization vulnerability in Kaira StoreCustomizer woocustom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27045 (Deserialization of Untrusted Data vulnerability in sbthemes WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27044 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27040 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-27039 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-26833 (thumbler through 1.1.2 allows OS command injection via the input, outp ...)
TODO: check
CVE-2026-26832 (node-tesseract-ocr is an npm package that provides a Node.js wrapper f ...)
@@ -305,247 +305,247 @@ CVE-2026-26233 (Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <
CVE-2026-25645 (Requests is a HTTP library. Prior to version 2.33.0, the function `req ...)
TODO: check
CVE-2026-25469 (Missing Authorization vulnerability in ViaBill for WooCommerce ViaBill ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25465 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25464 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25462 (Missing Authorization vulnerability in avalex avalex avalex allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25461 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25460 (Missing Authorization vulnerability in LiquidThemes Ave Core ave-core ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25458 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25457 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25456 (Missing Authorization vulnerability in Aarsiv Groups Automated FedEx l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25455 (Missing Authorization vulnerability in PickPlugins Product Slider for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25454 (Missing Authorization vulnerability in MVPThemes The League the-league ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25452 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25447 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25437 (Missing Authorization vulnerability in \u0633\u06cc\u062f \u0645\u062d ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25435 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25430 (Missing Authorization vulnerability in CRM Perks Integration for Mailc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25429 (Deserialization of Untrusted Data vulnerability in wpdive Nexa Blocks ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25417 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25414 (Incorrect Privilege Assignment vulnerability in iqonicdesign WPBookit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25413 (Unrestricted Upload of File with Dangerous Type vulnerability in iqoni ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25406 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25401 (Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25400 (Deserialization of Untrusted Data vulnerability in thememount Apicona ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25398 (Missing Authorization vulnerability in Webilia Inc. Vertex Addons for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25397 (Path Traversal: '.../...//' vulnerability in Snowray Software File Upl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25396 (Missing Authorization vulnerability in CoderPress Commerce Coinbase Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25390 (Missing Authorization vulnerability in Saad Iqbal New User Approve new ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25383 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25382 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25381 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25380 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25379 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25377 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25376 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25373 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25371 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25366 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25365 (Missing Authorization vulnerability in \xd6zg\xfcr KARALAR Kargo Takip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25361 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25360 (Deserialization of Untrusted Data vulnerability in rascals Vex vex all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25359 (Deserialization of Untrusted Data vulnerability in rascals Pendulum pe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25358 (Deserialization of Untrusted Data vulnerability in rascals Meloo meloo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25357 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25356 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25355 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25354 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25353 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25352 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25351 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25350 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25347 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25346 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25345 (Improper Validation of Specified Quantity in Input vulnerability in Ga ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25344 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25342 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25341 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25340 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25339 (Insertion of Sensitive Information Into Sent Data vulnerability in Sye ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25334 (Incorrect Privilege Assignment vulnerability in wordpresschef Salon Bo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25328 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25327 (Missing Authorization vulnerability in Rustaurius Five Star Restaurant ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25317 (Missing Authorization vulnerability in tychesoftwares Print Invoice & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25309 (Missing Authorization vulnerability in PublishPress PublishPress Autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25306 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25304 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25035 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25034 (Missing Authorization vulnerability in Iqonic Design KiviCare kivicare ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25033 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25032 (Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25031 (Deserialization of Untrusted Data vulnerability in park_of_ideas Tasty ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25030 (Deserialization of Untrusted Data vulnerability in park_of_ideas Goldi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25029 (Deserialization of Untrusted Data vulnerability in park_of_ideas KIDZ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25026 (Missing Authorization vulnerability in RadiusTheme Team tlp-team allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25025 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25018 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25017 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25013 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25009 (Missing Authorization vulnerability in raratheme Education Zone educat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25007 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25002 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-25001 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24993 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24989 (Deserialization of Untrusted Data vulnerability in FantasticPlugins SU ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24987 (Missing Authorization vulnerability in activity-log.com WP System Log ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24983 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24981 (Deserialization of Untrusted Data vulnerability in NooTheme Visionary ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24980 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24979 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24978 (Deserialization of Untrusted Data vulnerability in NooTheme Jobica Cor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24977 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24976 (Deserialization of Untrusted Data vulnerability in NooTheme Organici L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24975 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24974 (Deserialization of Untrusted Data vulnerability in NooTheme CitiLights ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24973 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24972 (Missing Authorization vulnerability in Elated-Themes Elated Listing el ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24971 (Incorrect Privilege Assignment vulnerability in Elated-Themes Search & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24970 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24969 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24968 (Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24964 (Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24750 (Kiteworks is a private data network (PDN). In Kiteworks Secure Data Fo ...)
TODO: check
CVE-2026-24391 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24382 (Missing Authorization vulnerability in wproyal News Magazine X news-ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24378 (Deserialization of Untrusted Data vulnerability in Metagauss EventPrim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24376 (Missing Authorization vulnerability in Javier Casares WPVulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24373 (Incorrect Privilege Assignment vulnerability in Metagauss Registration ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24372 (Authentication Bypass by Spoofing vulnerability in WP Swings Subscript ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24370 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24369 (Missing Authorization vulnerability in Theme-one The Grid the-grid all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24364 (Missing Authorization vulnerability in weDevs WP User Frontend wp-user ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24363 (Missing Authorization vulnerability in loopus WP Cost Estimation & Pay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24362 (Missing Authorization vulnerability in bdthemes Ultimate Post Kit ulti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-24359 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23979 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23977 (Missing Authorization vulnerability in WPFactory Helpdesk Support Tick ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23973 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23972 (Missing Authorization vulnerability in magepeopleteam Booking and Rent ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23971 (Deserialization of Untrusted Data vulnerability in xtemos WoodMart woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23807 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23806 (Missing Authorization vulnerability in BlueGlass Interactive AG Jobs f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-23636 (Kiteworks is a private data network (PDN). In Kiteworks Secure Data Fo ...)
TODO: check
CVE-2026-23635 (Kiteworks is a private data network (PDN). In Kiteworks Secure Data Fo ...)
@@ -553,99 +553,99 @@ CVE-2026-23635 (Kiteworks is a private data network (PDN). In Kiteworks Secure D
CVE-2026-23514 (Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of ...)
TODO: check
CVE-2026-22524 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22523 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22520 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22516 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22515 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22514 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22513 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22512 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22511 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22510 (Deserialization of Untrusted Data vulnerability in AncoraThemes Melody ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22509 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22508 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22507 (Deserialization of Untrusted Data vulnerability in AncoraThemes Beelov ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22506 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22505 (Deserialization of Untrusted Data vulnerability in AncoraThemes Mornin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22504 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22503 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22502 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22500 (Deserialization of Untrusted Data vulnerability in axiomthemes m2 | Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22499 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22498 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22496 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22495 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22494 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22493 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22491 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22485 (Missing Authorization vulnerability in Ruhul Amin My Album Gallery my- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22484 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22480 (Deserialization of Untrusted Data vulnerability in WebToffee Product F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-22448 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-20719 (Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2 ...)
TODO: check
CVE-2026-20125 (A vulnerability in the HTTP Server feature of Cisco IOS Software and C ...)
TODO: check
CVE-2026-20115 (A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20114 (A vulnerability in the Lobby Ambassador web-based management API of Ci ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20113 (A vulnerability in the web-based Cisco IOx application hosting environ ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20112 (A vulnerability in the web-based Cisco IOx application hosting environ ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20110 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20108 (A vulnerability in the web-based management interface of Cisco Catalys ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20104 (A vulnerability in the bootloader of Cisco IOS XE Software for Cisco C ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20086 (A vulnerability in the processing of Control and Provisioning of Wirel ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20084 (A vulnerability in the DHCP snooping feature of Cisco IOS XE Software ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20083 (A vulnerability in the Secure Copy Protocol (SCP) server feature of Ci ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20012 (A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature ...)
TODO: check
CVE-2026-20004 (A vulnerability in the TLS library of Cisco IOS XE Software could allo ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-1917 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-1724 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
TODO: check
CVE-2026-1712 (Incorrect privilege assignment vulnerability in HYPR Server allows Pri ...)
- TODO: check
+ NOT-FOR-US: HYPR
CVE-2026-1001 (Domoticz versions prior to 2026.1 contain a stored cross-site scriptin ...)
TODO: check
CVE-2025-70952 (pf4j before 20c2f80 has a path traversal vulnerability in the extract( ...)
@@ -655,11 +655,11 @@ CVE-2025-70888 (An issue in mtrojnar Osslsigncode affected at v2.10 and before a
CVE-2025-70887 (An issue in ralphje Signify before v.0.9.2 allows a remote attacker to ...)
TODO: check
CVE-2025-69358 (Missing Authorization vulnerability in Metagauss EventPrime eventprime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69347 (Authorization Bypass Through User-Controlled Key vulnerability in Conv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69096 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67030 (Directory Traversal vulnerability in the extractFile method of org.cod ...)
TODO: check
CVE-2025-59707 (In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote ...)
@@ -667,15 +667,15 @@ CVE-2025-59707 (In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential r
CVE-2025-59706 (In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API ...)
TODO: check
CVE-2025-40842 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3contains a Cross ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2025-40841 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3contains a Cross ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2025-32991 (In N2WS Backup & Recovery before 4.4.0, a two-step attack against the ...)
TODO: check
CVE-2025-27260 (Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Imp ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2025-14790 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14595 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
TODO: check
CVE-2025-13436 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
@@ -683,7 +683,7 @@ CVE-2025-13436 (GitLab has remediated an issue in GitLab CE/EE affecting all ver
CVE-2025-13078 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
TODO: check
CVE-2025-12708 (IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-58341 (OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allo ...)
TODO: check
CVE-2024-51348 (A stack-based buffer overflow vulnerability in the P2P API service in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b604b87f4e9e51e82bb673c4309d49d4b097e44
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b604b87f4e9e51e82bb673c4309d49d4b097e44
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260325/37575c3d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list