[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed May 27 22:49:00 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84c9b936 by Moritz Muehlenhoff at 2026-05-27T23:48:29+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2026-8906 (The WP Promoter plugin for WordPress is vulnerable to Cross-Site
 CVE-2026-8832 (The WPCode - Insert Headers and Footers + Custom Code Snippets - WordP ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-8716 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2026-8405 (IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of G ...)
 	NOT-FOR-US: IBM
 CVE-2026-8180 (IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 ...)
@@ -51,7 +51,7 @@ CVE-2026-6938 (IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypa
 CVE-2026-6936 (IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attac ...)
 	NOT-FOR-US: IBM
 CVE-2026-6713 (GitLab has remediated an issue in GitLab CE/EE affecting all versions  ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2026-6169 (The affiliate-toolkit plugin for WordPress is vulnerable to remote cod ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-6053 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable ...)
@@ -67,11 +67,11 @@ CVE-2026-5515 (IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores poten
 CVE-2026-5509 (An authenticated command injection vulnerability exists in the Archer  ...)
 	NOT-FOR-US: TPLink
 CVE-2026-5296 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2026-5065 (IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded  ...)
 	NOT-FOR-US: IBM
 CVE-2026-4868 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
-	TODO: check
+	- gitlab <not-affected> (Specific to EE)
 CVE-2026-4410 (IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 a ...)
 	NOT-FOR-US: IBM
 CVE-2026-4392 (A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84c9b936fafc80c55325fe859ab6aee617a4e588

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84c9b936fafc80c55325fe859ab6aee617a4e588
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260527/12fe7a5d/attachment.htm>

More information about the debian-security-tracker-commits mailing list