[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 15 20:14:16 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e605ce4c by security tracker role at 2026-05-15T19:14:10+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
CVE-2026-8695 (radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_thre ...)
TODO: check
CVE-2026-8686 (Missing bounds validation in the MQTT v5.0 property parser in coreMQTT ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-8425 (The Notify Odoo plugin for WordPress is vulnerable to Cross-Site Reque ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8398 (A supply chain attack compromised the official installation packages o ...)
TODO: check
CVE-2026-7563 (The Classified Listing \u2013 AI-Powered Classified ads & Business Dir ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7182 (Diagram's export module is vulnerable to Path Traversal in src attribu ...)
TODO: check
CVE-2026-7046 (The NEX-Forms \u2013 Ultimate Forms Plugin for WordPress plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6415 (The Advanced Custom Fields: Font Awesome plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6403 (The Quick Playground plugin for WordPress is vulnerable to Path Traver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6228 (The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-5229 (The Form Notify plugin for WordPress is vulnerable to Authentication B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4683 (The Smartcat Translator for WPML plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4054 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 1 ...)
TODO: check
CVE-2026-4053 (Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enfo ...)
@@ -119,29 +119,29 @@ CVE-2026-42207 (Magento Long Term Support (LTS) is an unofficial, community-driv
CVE-2026-42155 (Magento Long Term Support (LTS) is an unofficial, community-driven pro ...)
TODO: check
CVE-2026-41971 (Permission control vulnerability in the security control module.Impact ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41970 (Out-of-bounds write vulnerability in the distributed file system modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41969 (Permission control vulnerability in the projection module.Impact: Succ ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41968 (Permission control vulnerability in the manufacturability design modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41967 (Permission control vulnerability in the manufacturability design modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41966 (Permission control vulnerability in the smart sensing service.Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41965 (Use-After-Free (UAF) vulnerability in the web.Impact: Successful explo ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41964 (Permission control vulnerability in the web.Impact: Successful exploit ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41963 (Stack overflow vulnerability in the media platform.Impact: Successful ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41962 (Permission control vulnerability in the app management and control mod ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41961 (Permission control vulnerability in contacts.Impact: Successful exploi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41960 (Permission control vulnerability in calls.Impact: Successful exploitat ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-41553 (PDF Export Module used inDHTMLX'sproducts Gantt and Scheduler is vulne ...)
TODO: check
CVE-2026-41552 (PDF Export Module used in DHTMLX's products Gantt and Scheduler is vul ...)
@@ -169,7 +169,7 @@ CVE-2026-23695 (Cockpit CMS through version 2.14.0, patched in commit 72a83fc, c
CVE-2025-67437 (Medical Management System a81df1ce700a9662cb136b27af47f4cbde64156b is ...)
TODO: check
CVE-2025-14972 (* Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devic ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2021-47968 (Podcast Generator 3.1 contains a persistent cross-site scripting vulne ...)
TODO: check
CVE-2021-47967 (PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e605ce4c7fa134b88786e6c04ff9434b4f5eb56c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e605ce4c7fa134b88786e6c04ff9434b4f5eb56c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260515/d3ea029e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list