[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 1 08:13:22 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
669d2707 by security tracker role at 2026-05-01T07:13:16+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
CVE-2026-7555 (A vulnerability was identified in itsourcecode Electronic Judging Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-7554 (A vulnerability was determined in D-Link M60 up to 1.20B02. Affected b ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-7553 (A vulnerability was found in code-projects Gym Management System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-7551 (HKUDS OpenHarness contains a remote code execution vulnerability in th ...)
TODO: check
CVE-2026-7550 (A vulnerability has been found in SourceCodester Pharmacy Sales and In ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-7549 (A flaw has been found in SourceCodester Pharmacy Sales and Inventory S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-7548 (A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-7546 (A security vulnerability has been detected in Totolink NR1800X 9.1.0u. ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-7545 (A weakness has been identified in SourceCodester Advanced School Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-7538 (A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-7536 (A vulnerability was determined in Open5GS up to 2.7.7. This vulnerabil ...)
TODO: check
CVE-2026-7535 (A vulnerability was found in Open5GS up to 2.7.7. This affects the fun ...)
@@ -35,7 +35,7 @@ CVE-2026-7510 (A vulnerability was determined in OWAP DefectDojo up to 2.55.4. A
CVE-2026-7508 (A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an ...)
TODO: check
CVE-2026-7506 (A vulnerability has been found in SourceCodester Hotel Management Syst ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-7505 (A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to ...)
TODO: check
CVE-2026-7503 (A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. ...)
@@ -49,15 +49,15 @@ CVE-2026-7435 (SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sq
CVE-2026-7429 (SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability i ...)
TODO: check
CVE-2026-6543 (IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-6542 (IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-6539 (Notepad++ 8.9.3 contains a format string injection vulnerability in th ...)
TODO: check
CVE-2026-6389 (IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic A ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-6127 (The Elementor Website Builder plugin for WordPress is vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-5656 (Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to ...)
TODO: check
CVE-2026-5405 (RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to ...)
@@ -67,9 +67,9 @@ CVE-2026-5404 (K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 t
CVE-2026-5403 (SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows ...)
TODO: check
CVE-2026-4503 (IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unaut ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-4502 (IBM Langflow Desktop 1.2.0 through 1.8.4 Langflow could allow an authe ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-4178
REJECTED
CVE-2026-42996 (JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-bas ...)
@@ -81,61 +81,61 @@ CVE-2026-41263 (Traefik is an HTTP reverse proxy and load balancer. Prior to ver
CVE-2026-41174 (Traefik is an HTTP reverse proxy and load balancer. Prior to versions ...)
TODO: check
CVE-2026-40951 (CVE-2026-40951 is a memory corruption vulnerability on Secure Access ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-40950 (CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-40949 (CVE-2026-40949 is a buffer overflow vulnerability in the Secure Access ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-40912 (Traefik is an HTTP reverse proxy and load balancer. Prior to versions ...)
TODO: check
CVE-2026-3346 (IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stor ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-3345 (IBM Langflow Desktop <=1.8.4 Langflow could allow a remote attacker to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-3340 (IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-39858 (Traefik is an HTTP reverse proxy and load balancer. Prior to versions ...)
TODO: check
CVE-2026-35051 (Traefik is an HTTP reverse proxy and load balancer. Prior to versions ...)
TODO: check
CVE-2026-33452 (CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-33451 (CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-33450 (CVE-2026-33450 is an out of bounds read vulnerability in the Secure A ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-33449 (CVE-2026-33449 is a buffer overflow in a message handling function of ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-33448 (CVE-2026-33448 is a format string vulnerability in the logging subsyst ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-33447 (CVE-2026-33447 is a buffer overflow in a message parsing function of t ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-33446 (CVE-2026-33446 is a buffer overflow in the authentication sub-system o ...)
- TODO: check
+ NOT-FOR-US: Absolute Software
CVE-2026-2311 (IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2026-28909 (Users who connect to malicious registries with hostnames matching the ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2026-28532 (FRRouting before 10.5.3 contains an integer overflow vulnerability in ...)
TODO: check
CVE-2026-22726 (Route Services can be leveraged to send app traffic to network destina ...)
TODO: check
CVE-2026-1577 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UN ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-56568 (Assertion failure vulnerability in the PCO (Protocol Configuration Opt ...)
TODO: check
CVE-2025-46115 (An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial ...)
TODO: check
CVE-2025-36335 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36180 (IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restr ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36122 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UN ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14688 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UN ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-13362 (Multiple plugins and/or themes for WordPress are vulnerable to Reflect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7500 (When Keycloak is started with `--features-disabled=account,account-api ...)
- keycloak <itp> (bug #1088287)
CVE-2026-7461 (Improper neutralization of inputs used in an OS command in the FSx Win ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/669d270781f314101bf9720264fddcfb8c9908c0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/669d270781f314101bf9720264fddcfb8c9908c0
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260501/652f437e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list