[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Thu May 7 08:13:57 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9648dbc4 by security tracker role at 2026-05-07T07:13:51+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,19 +5,19 @@ CVE-2026-8033 (A vulnerability has been found in PicoTronica e-Clinic Healthcare
 CVE-2026-8032 (A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5 ...)
 	TODO: check
 CVE-2026-7252 (The WP-Optimize \u2013 Cache, Compress images, Minify & Clean database ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6692 (The Slider Revolution plugin for WordPress is vulnerable to Arbitrary  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6278
 	REJECTED
 CVE-2026-6222 (The Forminator Forms plugin for WordPress is vulnerable to Missing Aut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-6214 (The Forminator Forms plugin for WordPress is vulnerable to Missing Aut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-4807 (The Appointment Booking Calendar plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-4348 (The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-44603 (Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malform ...)
 	TODO: check
 CVE-2026-44602 (Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is  ...)
@@ -31,47 +31,47 @@ CVE-2026-44599 (Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux l
 CVE-2026-44597 (Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE,  ...)
 	TODO: check
 CVE-2026-44118 (OpenClaw before 2026.4.22 derives loopback MCP owner context from spoo ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44117 (OpenClaw before 2026.4.20 contains a server-side request forgery vulne ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44116 (OpenClaw before 2026.4.22 contains a server-side request forgery vulne ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44115 (OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerab ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44114 (OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runt ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44113 (OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race co ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44112 (OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race co ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44111 (OpenClaw before 2026.4.15 contains an arbitrary file read vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44110 (OpenClaw before 2026.4.15 contains an authorization bypass vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-44109 (OpenClaw before 2026.4.15 contains an authentication bypass vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43585 (OpenClaw before 2026.4.15 captures resolved bearer-auth configuration  ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43584 (OpenClaw before 2026.4.10 contains an insufficient environment variabl ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43583 (OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session c ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43582 (OpenClaw before 2026.4.10 contains a server-side request forgery vulne ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43581 (OpenClaw before 2026.4.10 contains an improper network binding vulnera ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43580 (OpenClaw before 2026.4.10 contains an incomplete navigation guard vuln ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43579 (OpenClaw before 2026.4.10 contains an insufficient access control vuln ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43578 (OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escal ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43577 (OpenClaw before 2026.4.9 contains a file read vulnerability allowing a ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43576 (OpenClaw before 2026.4.5 contains a server-side request forgery vulner ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-43575 (OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication ...)
-	TODO: check
+	NOT-FOR-US: OpenClaw
 CVE-2026-42217 (OpenEXR provides the specification and reference implementation of the ...)
 	TODO: check
 CVE-2026-42216 (OpenEXR provides the specification and reference implementation of the ...)
@@ -171,11 +171,11 @@ CVE-2026-40171 (In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab ver
 CVE-2026-40076 (OpenMRS Core is an open source electronic medical record system platfo ...)
 	TODO: check
 CVE-2026-40004 (There exists an openssl.cnf privilege escalation vulnerability in ZTE  ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2026-40003 (ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary  ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2026-3291 (Samsung Print Service Plugin for Android is potentially vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2026-33441
 	REJECTED
 CVE-2026-44353



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9648dbc4c8cefd478513a496501e4e0a0de9db55

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9648dbc4c8cefd478513a496501e4e0a0de9db55
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260507/e9b86e32/attachment.htm>
