Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4473fac1 by security tracker role at 2026-01-24T08:13:38+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,51 +55,51 @@ CVE-2026-24139 (MyTube is a self-hosted downloader and
player for several video
CVE-2026-24136 (Saleor is an e-commerce platform. Versions 3.2.0 through
3.20.109, 3.2 ...)
TODO: check
CVE-2026-24128 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2026-24127 (Typemill is a flat-file, Markdown-based CMS designed for
informational ...)
TODO: check
CVE-2026-22586 (Hard-coded Cryptographic Key vulnerability in Salesforce
Marketing Clo ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2026-22585 (Use of a Broken or Risky Cryptographic Algorithm vulnerability
in Sale ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2026-22583 (Improper Neutralization of Argument Delimiters in a Command
('Argument ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2026-22582 (Improper Neutralization of Argument Delimiters in a Command
('Argument ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2026-1386 (A UNIX symbolic link following issue in the jailer component in
Firecr ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-1257 (The Administrative Shortcodes plugin for WordPress is
vulnerable to Lo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1103 (The AIKTP plugin for WordPress is vulnerable to unauthorized
modificat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1099 (The Administrative Shortcodes plugin for WordPress is
vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1097 (The ThemeRuby Multi Authors \u2013 Assign Multiple Writers to
Posts pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1095 (The Canto Testimonials plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1088 (The Login Page Editor plugin for WordPress is vulnerable to
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1084 (The Cookie consent for developers plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1081 (The Set Bulk Post Categories plugin for WordPress is vulnerable
to Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1076 (The Star Review Manager plugin for WordPress is vulnerable to
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1075 (The ZT Captcha plugin for WordPress is vulnerable to Cross-Site
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1070 (The Alex User Counter plugin for WordPress is vulnerable to
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0991
REJECTED
CVE-2026-0807 (The Frontis Blocks plugin for WordPress is vulnerable to
Server-Side R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0806 (The WP-ClanWars plugin for WordPress is vulnerable to SQL
Injection vi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-70458 (A DOM-based Cross-Site Scripting (XSS) vulnerability exists in
the Dom ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-70457 (A Remote Code Execution (RCE) vulnerability exists in
Sourcecodester M ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-67264 (An OS command injection vulnerability in the
com.sprd.engineermode com ...)
TODO: check
CVE-2025-52026 (An information disclosure vulnerability exists in the
/srvs/membersrv/ ...)
@@ -113,29 +113,29 @@ CVE-2025-52023 (A vulnerability in the PHP backend of
gemscms.aptsys.com.sg thru
CVE-2025-52022 (A vulnerability in the PHP backend of
gemsloyalty.aptsys.com.sg thru 2 ...)
TODO: check
CVE-2025-14985 (The Alpha Blocks plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14941 (The GZSEO plugin for WordPress is vulnerable to authorization
bypass l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14906 (The WP Youtube Video Gallery plugin for WordPress is
vulnerable to Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14903 (The Simple Crypto Shortcodes plugin for WordPress is
vulnerable to Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14843 (The Wizit Gateway for WooCommerce plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14797 (The Same Category Posts plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14629 (The Alchemist Ajax Upload plugin for WordPress is vulnerable
to unauth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14609 (The Wise Analytics plugin for WordPress is vulnerable to
Missing Autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13952 (A web page that contains unusual GPU shader code is loaded
from the In ...)
- TODO: check
+ NOT-FOR-US: Imagination Technologies
CVE-2025-13676 (The JustClick registration plugin for WordPress is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13374 (The Kalrav AI Agent plugin for WordPress is vulnerable to
arbitrary fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12836 (The VK Google Job Posting Manager plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12780
REJECTED
CVE-2026-24636 (Missing Authorization vulnerability in Syed Balkhi Sugar
Calendar (Lit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4473fac1b3a9c78871ecdde99b15aebcb5ab40ce
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4473fac1b3a9c78871ecdde99b15aebcb5ab40ce
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
