[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 23 20:13:37 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2a3522f3 by security tracker role at 2026-05-23T19:13:31+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,68 @@
-CVE-2026-43503 [net: skbuff: propagate shared-frag marker through frag-transfer helpers]
+CVE-2026-9306 (A security vulnerability has been detected in QuantumNous new-api up t ...)
+	TODO: check
+CVE-2026-9305 (A weakness has been identified in QuantumNous new-api up to 0.12.1. Th ...)
+	TODO: check
+CVE-2026-9304 (A security flaw has been discovered in calcom cal.diy up to 4.9.4. The ...)
+	TODO: check
+CVE-2026-9303 (A vulnerability was identified in calcom cal.diy up to 4.9.4. Impacted ...)
+	TODO: check
+CVE-2026-9302 (A vulnerability was determined in 546669204 vps-inventory-monitoring u ...)
+	TODO: check
+CVE-2026-9301 (A vulnerability was found in omec-project amf up to 2.1.1. This vulner ...)
+	TODO: check
+CVE-2026-9300 (A vulnerability has been found in omec-project amf up to 2.1.1. This a ...)
+	TODO: check
+CVE-2026-9299 (A flaw has been found in omec-project amf up to 2.1.1. Affected by thi ...)
+	TODO: check
+CVE-2026-9298 (A vulnerability was detected in omec-project amf up to 2.1.1. Affected ...)
+	TODO: check
+CVE-2026-9297 (A security vulnerability has been detected in Edimax BR-6428NS 1.10. A ...)
+	TODO: check
+CVE-2026-9296 (A weakness has been identified in Edimax BR-6428NS 1.10. This impacts  ...)
+	TODO: check
+CVE-2026-9295 (A security flaw has been discovered in Edimax BR-6428NS 1.10. This aff ...)
+	TODO: check
+CVE-2026-9294 (A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted  ...)
+	TODO: check
+CVE-2018-25358 (D-Link DIR601 2.02NA contains a credential disclosure vulnerability th ...)
+	TODO: check
+CVE-2018-25357 (Dolibarr ERP CRM 7.0.3 contains a remote code evaluation vulnerability ...)
+	TODO: check
+CVE-2018-25356 (SIPp 3.6 and earlier contains a local buffer overflow vulnerability in ...)
+	TODO: check
+CVE-2018-25355 (Audiograbber 1.83 contains a local buffer overflow vulnerability that  ...)
+	TODO: check
+CVE-2018-25354 (Joomla Component jomres 9.11.2 contains a cross-site request forgery v ...)
+	TODO: check
+CVE-2018-25353 (Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file  ...)
+	TODO: check
+CVE-2018-25352 (WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below co ...)
+	TODO: check
+CVE-2018-25351 (Joomla! Component EkRishta 2.10 contains an error-based SQL injection  ...)
+	TODO: check
+CVE-2018-25350 (userSpice 4.3.24 contains a username enumeration vulnerability that al ...)
+	TODO: check
+CVE-2018-25349 (userSpice 4.3.24 contains a cross-site scripting vulnerability that al ...)
+	TODO: check
+CVE-2018-25348 (Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerabili ...)
+	TODO: check
+CVE-2018-25347 (WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vul ...)
+	TODO: check
+CVE-2018-25346 (WordPress Form Maker Plugin 1.12.24 and below contains SQL injection v ...)
+	TODO: check
+CVE-2018-25345 (10-Strike Network Scanner 3.0 contains a local buffer overflow vulnera ...)
+	TODO: check
+CVE-2018-25344 (10-Strike Network Inventory Explorer 8.54 contains a stack-based buffe ...)
+	TODO: check
+CVE-2018-25343 (Smartshop 1 contains a cross-site request forgery vulnerability that a ...)
+	TODO: check
+CVE-2018-25342 (Smartshop 1 contains a time-based blind SQL injection vulnerability th ...)
+	TODO: check
+CVE-2018-25341 (Smartshop 1 contains a SQL injection vulnerability that allows unauthe ...)
+	TODO: check
+CVE-2018-25340 (Smartshop 1 contains a SQL injection vulnerability that allows unauthe ...)
+	TODO: check
+CVE-2026-43503 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 7.0.9-1
 	NOTE: https://git.kernel.org/linus/48f6a5356a33dd78e7144ae1faef95ffc990aae0
 CVE-2026-9284 (The WooCommerce PayPal Payments plugin for WordPress is vulnerable to  ...)
@@ -4803,7 +4867,7 @@ CVE-2026-42934 (NGINX Plus and NGINX Open Source have a vulnerability in the ngx
 	NOTE: https://my.f5.com/manage/s/article/K000161028
 	NOTE: https://nginx.org/en/security_advisories.html
 	NOTE: https://github.com/nginx/nginx/commit/54b7945961b2eaafc480d6b85d9635d0db1c126a (release-1.30.1)
-CVE-2026-46300 [net: skbuff: preserve shared-frag marker during coalescing]
+CVE-2026-46300 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 7.0.9-1
 	NOTE: https://github.com/v12-security/pocs/tree/main/fragnesia
 	NOTE: https://lore.kernel.org/all/20260513041635.1289541-1-vakzz@zellic.io/
@@ -90091,7 +90155,7 @@ CVE-2025-13120 (A vulnerability has been found in mruby up to 3.4.0. This vulner
 	NOTE: Fixed by: https://github.com/mruby/mruby/commit/eb398971bfb43c38db3e04528b68ac9a7ce509bc
 CVE-2025-13119 (A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking Sy ...)
 	NOT-FOR-US: SourceCodester
-CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm and mall up to 1 ...)
+CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Aff ...)
 	NOT-FOR-US: macrozheng mall-swarm
 CVE-2025-13117 (A security vulnerability has been detected in macrozheng mall-swarm an ...)
 	NOT-FOR-US: macrozheng mall-swarm



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3522f3b02914fb21c3873ca2290872e0950d7b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3522f3b02914fb21c3873ca2290872e0950d7b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260523/923ff76c/attachment.htm>

More information about the debian-security-tracker-commits mailing list