[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun May 3 08:12:54 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
23ee0c16 by security tracker role at 2026-05-03T07:12:49+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,25 +27,25 @@ CVE-2026-7670 (A flaw has been found in Jinher OA 1.0. The affected element is a
CVE-2026-7669 (A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impact ...)
TODO: check
CVE-2026-7668 (A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulne ...)
- TODO: check
+ NOT-FOR-US: MikroTik
CVE-2026-7653 (A security flaw has been discovered in r-huijts mcp-server-rijksmuseum ...)
TODO: check
CVE-2026-7649 (The ARMember \u2013 Membership Plugin, Content Restriction, Member Lev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7645 (A vulnerability was found in ruvnet sublinear-time-solver 1.5.0. Affec ...)
TODO: check
CVE-2026-7644 (A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1 ...)
TODO: check
CVE-2026-7643 (A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This im ...)
- TODO: check
+ NOT-FOR-US: Next.js
CVE-2026-7642 (A vulnerability was detected in pskill9 website-downloader up to 0.1.0 ...)
TODO: check
CVE-2026-7633 (A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-7632 (A vulnerability was determined in code-projects Online Hospital Manage ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-7631 (A vulnerability was found in code-projects Online Hospital Management ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-7630 (A vulnerability has been found in innocommerce InnoShop up to 0.7.8. T ...)
TODO: check
CVE-2026-7629 (A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0. ...)
@@ -55,19 +55,19 @@ CVE-2026-7628 (A vulnerability was detected in crazyrabbitLTC mcp-code-review-se
CVE-2026-7627 (A security vulnerability has been detected in 8nite metatrader-4-mcp 1 ...)
TODO: check
CVE-2026-7612 (A vulnerability was determined in itsourcecode Courier Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-7611 (A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This i ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2026-7610 (A vulnerability has been found in TRENDnet TEW-821DAP 1.12B01. This af ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2026-7609 (A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impact ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2026-7608 (A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2026-7607 (A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2026-7606 (A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This is ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2026-7491 (School App developed by Zyosoft has an Insecure Direct Object Referenc ...)
TODO: check
CVE-2026-7490 (CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnera ...)
@@ -75,47 +75,47 @@ CVE-2026-7490 (CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vu
CVE-2026-7489 (CTMS developed by Sunnet has a SQL Injection vulnerability, allowing a ...)
TODO: check
CVE-2026-6817 (The Quiz Maker by AYS plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6481
REJECTED
CVE-2026-6457 (The Geo Mashup plugin for WordPress is vulnerable to time-based blind ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6449 (The Booking for Appointments and Events Calendar \u2013 Amelia plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6320 (The Salon Booking System \u2013 Free Version plugin for WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6229 (The Royal Elementor Addons plugin for WordPress is vulnerable to Serve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-5337 (During the analysis, it was identified that authenticated attackers wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-5324 (The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Un ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-5077 (The Total theme for WordPress is vulnerable to Stored Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-5063 (The NEX-Forms \u2013 Ultimate Forms Plugin for WordPress plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4790 (The Premium Addons for Elementor \u2013 Powerful Elementor Templates & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4650 (The FundPress \u2013 WordPress Donation Plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4100 (The Paid Memberships Pro plugin for WordPress is vulnerable to unautho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4062 (The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4061 (The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4060 (The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4024 (The Royal Addons for Elementor plugin for WordPress is vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3504 (The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2554 (The WCFM \u2013 Frontend Manager for WooCommerce along with Bookings S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2052 (The Widget Options \u2013 Advanced Conditional Visibility for Gutenber ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0703 (The NextMove Lite \u2013 Thank You Page for WooCommerce plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-40561 (Starlet versions through 0.31 for Perl allows HTTP Request Smuggling v ...)
- starlet <unfixed> (bug #1135584)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/39593408/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ee0c16012fc8023b5f0f6b2cd738dc5fb22e60
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ee0c16012fc8023b5f0f6b2cd738dc5fb22e60
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260503/df9088e8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list