[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed May 6 21:53:04 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9616802b by Moritz Muehlenhoff at 2026-05-06T22:52:48+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -422,15 +422,15 @@ CVE-2026-42509 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2026-42503 (gopls by default communicates via pipe. However, -port and -listen fla ...)
 	TODO: check
 CVE-2026-41938 (Vvveb before version 1.0.8.2 contains an unrestricted file upload vuln ...)
-	TODO: check
+	NOT-FOR-US: Vvveb CMS
 CVE-2026-41936 (Vvveb before version 1.0.8.2 contains an XML external entity (XXE) inj ...)
-	TODO: check
+	NOT-FOR-US: Vvveb CMS
 CVE-2026-41934 (Vvveb before version 1.0.8.2 contains an authenticated remote code exe ...)
-	TODO: check
+	NOT-FOR-US: Vvveb CMS
 CVE-2026-41931 (Vvveb before version 1.0.8.2 contains an information disclosure vulner ...)
-	TODO: check
+	NOT-FOR-US: Vvveb CMS
 CVE-2026-41930 (Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnera ...)
-	TODO: check
+	NOT-FOR-US: Vvveb CMS
 CVE-2026-41288 (Incorrect permission assignment for a resource in the patch management ...)
 	NOT-FOR-US: WatchGuard
 CVE-2026-41287 (Stack-based Buffer Overflow vulnerability in the WatchGuard Agent disc ...)
@@ -450,9 +450,9 @@ CVE-2026-35254 (Vulnerability in the Oracle OCI CLI product of Oracle Open Sourc
 CVE-2026-35253 (Vulnerability in the Oracle Macoron Tool product of Oracle Open Source ...)
 	TODO: check
 CVE-2026-34474 (Sensitive data exposure leading to admin/WLAN credential leak in ZTE Z ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2026-34473 (Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A,  ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2026-33079 (In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regula ...)
 	TODO: check
 CVE-2026-29090 (### Summary  A SQL injection vulnerability exists in Rucio versions 1. ...)
@@ -478,21 +478,21 @@ CVE-2026-20193 (A vulnerability in the RADIUS Policy API endpoints of Cisco ISE
 CVE-2026-20189 (A vulnerability in the log file download functionality of Cisco Prime  ...)
 	NOT-FOR-US: Cisco
 CVE-2026-20188 (A vulnerability in the connection-handling mechanism of Cisco Crosswor ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20185 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20172 (A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and ...)
 	NOT-FOR-US: Cisco
 CVE-2026-20169 (A vulnerability in the web-based management interface of Cisco IoT Fie ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20168 (A vulnerability in the web-based management interface of Cisco IoT Fie ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20167 (A vulnerability in the web-based management interface of Cisco IoT Fie ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20035 (A vulnerability in the web UI of Cisco Unity Connection Web Inbox coul ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20034 (A vulnerability in the web-based management interface of Cisco Unity C ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-1719 (The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-0300 (A buffer overflow vulnerability in the User-ID\u2122 Authentication Po ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9616802b799e163ddc48ff12ea8dd27d4c6d829b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9616802b799e163ddc48ff12ea8dd27d4c6d829b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/47f4078c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list