[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Mar 28 20:13:48 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bde25e69 by security tracker role at 2026-03-28T20:13:40+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,6 +1,92 @@
-CVE-2026-3256
+CVE-2026-5013 (A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted ...)
+	TODO: check
+CVE-2026-5012 (A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affect ...)
+	TODO: check
+CVE-2026-5011 (A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulne ...)
+	TODO: check
+CVE-2026-5007 (A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Aff ...)
+	TODO: check
+CVE-2026-5004 (A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This im ...)
+	TODO: check
+CVE-2026-5003 (A vulnerability was found in PromtEngineer localGPT up to 4d41c7d1713b ...)
+	TODO: check
+CVE-2026-5002 (A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d ...)
+	TODO: check
+CVE-2026-5001 (A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b2 ...)
+	TODO: check
+CVE-2026-5000 (A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d17 ...)
+	TODO: check
+CVE-2026-4999 (A security vulnerability has been detected in z-9527 admin up to 72aaf ...)
+	TODO: check
+CVE-2026-4998 (A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. Th ...)
+	TODO: check
+CVE-2026-4997 (A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0. ...)
+	TODO: check
+CVE-2026-4996 (A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Af ...)
+	TODO: check
+CVE-2026-4995 (A vulnerability was determined in wandb OpenUI up to 1.0. Affected by  ...)
+	TODO: check
+CVE-2026-4994 (A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected ...)
+	TODO: check
+CVE-2026-4993 (A vulnerability has been found in wandb OpenUI up to 0.0.0.0/1.0. This ...)
+	TODO: check
+CVE-2026-2595 (The Quads Ads Manager for Google AdSense plugin for WordPress is vulne ...)
+	TODO: check
+CVE-2026-2442 (The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugi ...)
+	TODO: check
+CVE-2025-9497 (Use of Hard-coded Credentials vulnerability in Microchip Time Provider ...)
+	TODO: check
+CVE-2018-25225 (SIPP 3.3 contains a stack-based buffer overflow vulnerability that all ...)
+	TODO: check
+CVE-2018-25224 (PMS 0.42 contains a stack-based buffer overflow vulnerability that all ...)
+	TODO: check
+CVE-2018-25223 (Crashmail 1.6 contains a stack-based buffer overflow vulnerability tha ...)
+	TODO: check
+CVE-2018-25222 (SC v7.16 contains a stack-based buffer overflow vulnerability that all ...)
+	TODO: check
+CVE-2018-25221 (EChat Server 3.1 contains a buffer overflow vulnerability in the chat. ...)
+	TODO: check
+CVE-2018-25220 (Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that  ...)
+	TODO: check
+CVE-2017-20229 (MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnera ...)
+	TODO: check
+CVE-2017-20228 (Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerab ...)
+	TODO: check
+CVE-2017-20227 (JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buf ...)
+	TODO: check
+CVE-2017-20226 (Mapscrn 2.0.3 contains a stack-based buffer overflow vulnerability tha ...)
+	TODO: check
+CVE-2017-20225 (TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerabil ...)
+	TODO: check
+CVE-2016-20049 (JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vul ...)
+	TODO: check
+CVE-2016-20048 (iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that ...)
+	TODO: check
+CVE-2016-20047 (EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerabi ...)
+	TODO: check
+CVE-2016-20046 (zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerabilit ...)
+	TODO: check
+CVE-2016-20045 (HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability ...)
+	TODO: check
+CVE-2016-20044 (PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that al ...)
+	TODO: check
+CVE-2016-20043 (NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability ...)
+	TODO: check
+CVE-2016-20042 (TRN 3.6-23 contains a stack buffer overflow vulnerability that allows  ...)
+	TODO: check
+CVE-2016-20041 (Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows loca ...)
+	TODO: check
+CVE-2016-20040 (TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in th ...)
+	TODO: check
+CVE-2016-20039 (Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulne ...)
+	TODO: check
+CVE-2016-20038 (yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability th ...)
+	TODO: check
+CVE-2016-20037 (xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vuln ...)
+	TODO: check
+CVE-2026-3256 (HTTP::Session versions through 0.53 for Perl defaults to using insecur ...)
 	NOT-FOR-US: HTTP::Session Perl module
-CVE-2025-15604
+CVE-2025-15604 (Amon2 versions before 6.17 for Perl use an insecure random_string impl ...)
 	NOT-FOR-US: Amon2 Perl module
 CVE-2026-5027 (The 'POST /api/v2/files' endpoint does not sanitize the 'filename' par ...)
 	NOT-FOR-US: langflow
@@ -14513,6 +14599,7 @@ CVE-2026-2677 (Reflected Cross-Site Scripting (XSS) on the A3factura web platfor
 CVE-2026-2244 (A vulnerability in Google Cloud Vertex AI Workbench from7/21/2025 to 0 ...)
 	NOT-FOR-US: Google Cloud Vertex AI Workbench
 CVE-2026-28296 (A flaw was found in the FTP GVfs backend. A remote attacker could expl ...)
+	{DLA-4513-1}
 	- gvfs 1.59.90-1 (bug #1129286)
 	[trixie] - gvfs <no-dsa> (Minor issue)
 	[bookworm] - gvfs <no-dsa> (Minor issue)
@@ -14521,6 +14608,7 @@ CVE-2026-28296 (A flaw was found in the FTP GVfs backend. A remote attacker coul
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gvfs/-/commit/2916e8deea297f300056265530c7ca3ea443775f (1.58.2)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gvfs/-/commit/447ee8a32fe56529bf92c0a733f6d35e724c2689 (1.56.2)
 CVE-2026-28295 (A flaw was found in the FTP GVfs backend. A malicious FTP server can e ...)
+	{DLA-4513-1}
 	- gvfs 1.59.90-1 (bug #1129285)
 	[trixie] - gvfs <no-dsa> (Minor issue)
 	[bookworm] - gvfs <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bde25e6980aa95321f942bf3e07c5275be8393ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bde25e6980aa95321f942bf3e07c5275be8393ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260328/cab32e45/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list