[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 28 20:14:15 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2ac18435 by security tracker role at 2026-05-28T19:14:09+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,9 +13,9 @@ CVE-2026-9804 (A flaw was found in KubeVirt's virt-exportserver component. An at
CVE-2026-9658 (Plack::Middleware::Security::Common versions before 0.13.1 for Perl di ...)
TODO: check
CVE-2026-9618 (The PeachPay \u2014 Payments & Express Checkout for WooCommerce (suppo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9227 (The GutenBee \u2013 Gutenberg Blocks plugin for WordPress is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9098 (In Casdoor versions 2.362.0 and earlier, the SAML callback handler in ...)
TODO: check
CVE-2026-9097 (Casdoor versions 2.362.0 and earlier do not verify that a JWT used for ...)
@@ -35,7 +35,7 @@ CVE-2026-9091 (Casdoor versions 2.362.0 and earlier contain a logic flaw in the
CVE-2026-9090 (Casdoor versions 2.362.0 and earlier contain a vulnerability that allo ...)
TODO: check
CVE-2026-9015 (The Equalize Digital Accessibility Checker \u2013 WCAG, ADA, EAA and S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8990 (A user with physical access to a smartphone can bypassauthentication m ...)
TODO: check
CVE-2026-8980 (The Mennekes Amtron series (firmware versions \u2264 5.22.3) is vulner ...)
@@ -43,47 +43,47 @@ CVE-2026-8980 (The Mennekes Amtron series (firmware versions \u2264 5.22.3) is v
CVE-2026-8979 (The Mennekes Amtron series (firmware versions \u2264 5.22.3) is vulner ...)
TODO: check
CVE-2026-8697 (Due to improper enforcement of authentication rate-limiting on a debug ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-8689 (The Visualizer: Tables and Charts Manager for WordPress plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-8682 (The 3D Viewer \u2013 3D Model Viewer \u2013 Augmented Reality \u2013 V ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7862 (The Eupago Gateway For Woocommerce WordPress plugin before 4.7.2 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7797 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7660 (The Easy Updates Manager plugin for WordPress is vulnerable to Reflect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7651 (The User Registration & Membership \u2013 Free & Paid Memberships, Sub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7634 (The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7621 (The SMTP2GO for WordPress \u2013 Email Made Easy plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7552 (The Geo Mashup plugin for WordPress is vulnerable to authorization byp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7526 (The PDF Embedder plugin for WordPress is vulnerable to Sensitive Infor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7052 (The HT Contact Form \u2013 Drag & Drop Form Builder for WordPress plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-7048 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6937 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6720 (When calicoctl is invoked with --log-level=info or --log-level=debug, ...)
TODO: check
CVE-2026-6455 (The WP Contact Form 7 DB Handler plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6427 (The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-6226 (The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-4944 (vllm-project/vllm version 0.14.1 contains a vulnerability where the `t ...)
TODO: check
CVE-2026-4377 (DlinkDWR-X1820 router uses weak default password generated from its IM ...)
TODO: check
CVE-2026-4334 (The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-49238 (An issue was discovered in Canonical Multipass before version 1.16.3. ...)
TODO: check
CVE-2026-49237 (An issue was discovered in Canonical Multipass for macOS before versio ...)
@@ -285,7 +285,7 @@ CVE-2026-35672 (phpMyFAQ before 4.1.3 contains an authentication bypass vulnerab
CVE-2026-35671 (phpMyFAQ before 4.1.3 contains an insecure direct object reference vul ...)
TODO: check
CVE-2026-34126 (TP-Link has identified a vulnerability in Tapo L535E v1.0 and v3.0, Ta ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-30761 (An arbitrary file upload vulnerability in the pages/admin.uploadmapimg ...)
TODO: check
CVE-2026-30760 (An issue in SourceBans Material Admin before v.1.1.6 (3ecd95e) allows ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac1843508d2a212f0f3e7da7e1415b9f44b5490
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac1843508d2a212f0f3e7da7e1415b9f44b5490
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260528/e7ab4225/attachment.htm>
More information about the debian-security-tracker-commits
mailing list